Wireless Access

last person joined: 5 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Advisory Number 06062014 / CVE-2014-0224 - ArubaOS versions 5.x, 6.1.x, 6.2.x

This thread has been viewed 0 times

  • 1.  Advisory Number 06062014 / CVE-2014-0224 - ArubaOS versions 5.x, 6.1.x, 6.2.x

    Posted Jun 24, 2014 12:00 PM

    Hi,

    According to the above advisory, the mentioned versions (5.x, 6.1.x, 6.2.x) are possibly affected.

    Is there any more information on this as yet? Do we need to upgrade, or is there a fix released?

     

    Many thanks,

    Liam Burke



  • 2.  RE: Advisory Number 06062014 / CVE-2014-0224 - ArubaOS versions 5.x, 6.1.x, 6.2.x
    Best Answer

    EMPLOYEE
    Posted Jun 24, 2014 12:26 PM 
    POSSIBLY AFFECTED
	- ArubaOS 5.x, 6.1.x, 6.2.x
	- ArubaOS 7.x (Mobility Access Switch)
	  These versions contain an older version of OpenSSL which is not reported
	  to be vulnerable when acting as a TLS server.  Although Aruba does not
	  believe these versions pose a danger, OpenSSL will be patched during the
	  next scheduled maintenance cycle as a precaution