Security

Reply
Contributor I
Posts: 36
Registered: ‎10-27-2007

ClearPass and CVE-2016-2118

[ Edited ]

ClearPass uses Samba internally which is affected by security advisory CVE-2016-2118 (aka "Badlock").

 

According to RedHat:

 

"An Active Directory infrastructure with a Samba server as a domain member is vulnerable to this flaw, as a man-in-the-middle attacker could intercept traffic between the domain member and the domain controller to impersonate the client and get the same privileges as the authenticated user account."

 

We need guidance from Aruba on what steps they are taking to resolve this within the ClearPass product and how long the wait will be.

 

Thanks.

 

 

Aruba
Posts: 429
Registered: ‎05-30-2012

Re: ClearPass and CVE-2016-2118

Hi Bruce,

I have to have engineering check on this one.

 

In future, can you send security vulnerability questions to sirt@arubanetworks.com so that the right folks see these types of questions immediately? Details on this email address and security policies in general are posted here http://www.arubanetworks.com/support-services/security-bulletins/

 

Best regards,

 

Madani

Aruba
Posts: 429
Registered: ‎05-30-2012

Re: ClearPass and CVE-2016-2118

Bruce,

I wanted to drop you a note to let you know we have not forgotten you. Our security team is involved and continues to investigate.

 

Best regards,

 

Madani

Aruba
Posts: 429
Registered: ‎05-30-2012

Re: ClearPass and CVE-2016-2118

Bruce,

We've posted the SAMR and LSA man in the middle attacks ("BADLOCK") advisory. Please let me know if you have any questions.

 

Best regards,

 

Madani

 

 

Contributor I
Posts: 36
Registered: ‎10-27-2007

Re: ClearPass and CVE-2016-2118

Thank you for keeping on top of this. Good to see such a quick turnaround.

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: