search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

Aruba Mobility Controller vulnerable to privilege escalation

Vulnerability Note VU#613833

Original Release Date: 2007-02-13 | Last Revised: 2007-02-13

Overview

The Aruba Mobility Controller Management Interface contains a privilege escalation vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system.

Description

The Aruba Mobility Controllers are used to process and control network traffic in a wireless network. The Aruba Mobility Controller Management Interface is a utility used to configure and manage the Aruba Mobility Controllers. The management interface can be accessed via a command line or a web-based interface.

The Aruba Mobility Controller contains an guest account, which is intended to have restricted privileges on the Mobility Controller. However, due to an unspecified implementation error, an attacker with access to the guest account may be able to gain administrative privileges on the Mobility Controller.

According to Aruba Networks this vulnerability affects Aruba Networks Mobility Controllers (200, 800, 2400, and 6000) running software versions 2.0 and later and Alcatel-Lucent OmniAccess Wireless 43xx and 6000 running software versions 2.0 and later.

Impact

A remote attacker may be able to gain administrative privileges on the Aruba Mobility Controller.

Solution

Apply a patch from Aruba
Aruba has released a patch to address this vulnerability. For more information refer to the Systems Affected section of this document.

Restrict access

You may wish to block access to the vulnerable software from outside your network perimeter, specifically by blocking access to Aruba Mobility Controller Management Interface web site as well as the device itself. This will limit your exposure to attacks.


Disable captive portal access

Disabling captive portal access if it is not needed may mitigate this vulnerability.

Vendor Information

613833
 
Expand all

Aruba Networks, Inc. Affected

Notified:  February 09, 2007 Updated: February 13, 2007

Status

Affected

Vendor Statement

Aruba Networks is committed to continuously enhancing our security posture, and we have both internal and external resources involved in security review processes aimed at identifying product vulnerabilities, both in existing and in developing products.

It is important to note that there have been no reports of compromise due to this vulnerability. Aruba Networks' primary concern in this instance is to rapidly deploy a solution for our entire customer base. As a result, Aruba has released patches for most code versions.

We highly recommend that you upgrade your Mobility Controller to a patch corresponding to your currently installed release. While we encourage customers to always utilize the latest releases to ensure the full benefit of our continued innovation and improvements, we recognize that this is not always possible. Therefore, all releases of code incorporating this fix are immediately available for download at https://support.arubanetworks.com

If you do not have an ArubaCare contract, you should contact your local reseller for assistance.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.


CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

This vulnerability was reported by Aruba Networks.

This document was written by Jeff Gennari.

Other Information

CVE IDs: None
Severity Metric: 4.68
Date Public: 2007-02-12
Date First Published: 2007-02-13
Date Last Updated: 2007-02-13 19:59 UTC
Document Revision: 15

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis