04-13-2016 10:22 AM - edited 04-13-2016 10:23 AM
ClearPass uses Samba internally which is affected by security advisory CVE-2016-2118 (aka "Badlock").
According to RedHat:
"An Active Directory infrastructure with a Samba server as a domain member is vulnerable to this flaw, as a man-in-the-middle attacker could intercept traffic between the domain member and the domain controller to impersonate the client and get the same privileges as the authenticated user account."
We need guidance from Aruba on what steps they are taking to resolve this within the ClearPass product and how long the wait will be.
04-13-2016 10:28 AM
I have to have engineering check on this one.
In future, can you send security vulnerability questions to firstname.lastname@example.org so that the right folks see these types of questions immediately? Details on this email address and security policies in general are posted here http://www.arubanetworks.com/support-services/secu