You should not consider a controller/gateway running Apache. It's a hardened and integrated system, not a server running Apache. For that reason, the versions of the used software components are not relevant and not shared. If vulnerabilities are found in any of the used components you should check and follow the
advisories as posted on the Aruba website.
Even if Apache of a specific version was used in one of the Aruba products, the CVE (which you did not mention) is likely to be out of scope for embedded systems like ArubaOS, or not applicable because of configuration/modules; and a false positive of your security scanner.
I would advise you to check the current version of ArubaOS running against the advisories posted after the build date for vulnerabilities and plan your upgrades accordingly.
More
information about the security response program is here. Another good document to check is the
ArubaOS Hardening Guide, which helps you to further lock down the controller and limit access to any services to only what is needed, further reducing the risk and attack surface.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Jun 07, 2021 07:05 PM
From: Lawrence Brandt
Subject: WHat version of Apache web server does 6.5.4.20 run?
Hi,
I'm trying to mitigate a CVE, and we're told it affects versions of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26.
How do I find out what version is running on our proposed 7005 / 7210 controller upgrade - 6.5.4.20?
Thanks,
Ambi
------------------------------
Lawrence Brandt
------------------------------