CVE-2014-7299

Name of the Vulnerable Software and Affected Versions ArubaOS versions 6.3.1.11 through 6.3.1.11-FIPS ArubaOS versions 6.4.2.1 through 6.4.2.1-FIPS

Description The issue allows remote attackers to bypass authentication and obtain potentially sensitive information or add guest accounts via an SSH session. This is due to an unspecified vulnerability in administrative interfaces.

Recommendations For ArubaOS versions 6.3.1.11 through 6.3.1.11-FIPS, consider restricting access to administrative interfaces until a fix is available. For ArubaOS versions 6.4.2.1 through 6.4.2.1-FIPS, consider disabling SSH sessions for administrative interfaces as a temporary workaround. At the moment, there is no information about a newer version that contains a fix for this vulnerability.