Hi,
I have a few Aruba IAP 225 and they have firmware version:
6.4.2.6-4.1.1.6_50009
I am new to Aruba and don't really understand how to read the version number and releases.
Can someone tell me if this version is affected by the new Wifi WPA 2 vulnerability (http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt)
With the firmware version that I have on my devices, do I look at
ArubaOS 6.4 prior to 6.4.4.16 or Aruba Instant (all versions prior to 4.2.4.9) in the document from Aruba below?
Title
=====
WPA2 Key Reinstallation Vulnerabilities
Overview
========
Common industry-wide flaws in WPA2 key management may allow an attacker to
decrypt, replay, and forge some frames on a WPA2 encrypted network. The
accompanying FAQ document provides more extensive details.
Affected Products
=================
-- ArubaOS (all versions prior to 6.3.1.25)
-- ArubaOS 6.4 prior to 6.4.4.16
-- ArubaOS 6.5.0.x
-- ArubaOS 6.5.1 prior to 6.5.1.9
-- ArubaOS 6.5.2.x
-- ArubaOS 6.5.3 prior to 6.5.3.3
-- ArubaOS 6.5.4 prior to 6.5.4.2
-- ArubaOS 8.x prior to 8.1.0.4
-- Aruba Instant (all versions prior to 4.2.4.9)
-- Aruba Instant 4.3 prior to 4.3.1.6
-- Aruba Instant 6.5.2 and 6.5.3 prior to 6.5.3.3
-- Aruba Instant 6.5.4 prior to 6.5.4.2
-- Clarity Engine 1.0
-- HP 501 Wireless Client Bridge prior to 1.0.1.3
-- Aruba 501 Wireless Client Bridge prior to 2.0.0.1
-- Aruba AirMesh MSR series (all versions)
Any help will be appreciated.
Thanks so much!