Multiple vulnerabilities were identified in Aruba AP, IAP and AMP devices. The vulnerabilities were discovered during a black box security assessment and therefore the vulnerability list should not be considered exhaustive. Several of the high severity vulnerabilities listed in this report are related to the Aruba proprietary PAPI protocol and allow remote compromise of affected devices.
Google bug-hunters disclose 26 vulnerabilities
Aruba Networks is slinging patches at a bunch of vulnerabilities in management platforms, its Aruba Instant Platform, and its proprietary ArubaOS PAPI management API.
The company posted three advisories here after Google put it on a 90-day deadline, with the Chocolate Factory's Sven Blumenstein dropping a consolidated report of 26 individual vulns at Full Disclosure on Friday.
Al are considered “urgent”, according to the HP subsidiary.
In a tone of some irritation, Aruba sa...