If you have installed a version of Aruba InstantOS that is prior to the release listed above, you will need to upgrade to a supported release in order to continue operating your network with that particular software. Unauthorized access to the AP via the SSID, and the injection of malicious code into the management interface is possible. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected AP of Aruba InstantOS 6.4.x: 184.108.40.206-220.127.116.11 and below; Aruba InstantOS 6.5.x: 18.104.22.168 and below; Aruba InstantOS 8.6.x: 22.214.171.124 and below; Aruba InstantOS 8.7.x: 126.96.36.199 and below; Aruba InstantOS 8.10.x: 188.8.131.52 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InstantOS that address this security vulnerability.
What you need to do to address this vulnerability
If you have installed a version of Aruba InstantOS prior to the release listed above, you will need to upgrade the software to a supported release listed above. If you cannot upgrade your software, contact Aruba Technical Support for assistance in addressing this security issue.
For information on how to address this vulnerability, refer to:
What to do if you are using an unsupported version of Aruba InstantOS
If you are using an unsupported version of Aruba InstantOS, the best course of action is to upgrade it to a supported release. Please contact Aruba Support for more information on how to upgrade your software.
If you have Aruba InstantOS 184.108.40.206-220.127.116.11 and below, upgrade to Aruba InstantOS 18.104.22.168 or higher to resolve this security vulnerability
What is the Aruba InstantOS?
The Aruba InstantOS is a Linux-based operating system that enables a user to quickly deploy and configure access points, user portals, and other services on the Aruba Mobility Controller.
Published on: 10/07/2022 19:15:00 UTC
Last modified on: 11/09/2022 04:00:00 UTC