The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

vulnerability note 20524

Aruba, Alcatel: known private key for securelogin

Synthesis of the vulnerability

An attacker can act as a Man-in-the-Middle against Aruba and Alcatel devices, in order to read or write data in the session.
Impacted software: Alcatel OmniAccess Wireless Access Point, Alcatel OmniAccess Wireless LAN Switch, ArubaOS.
Severity of this computer vulnerability: 3/4.
Consequences of an attack: user access/rights, data reading, data creation/modification.
Attacker's origin: intranet client.
Creation date: 06/09/2016.
References of this bulletin: VIGILANCE-VUL-20524.

Description of the vulnerability

The Aruba and Alcatel-Lucent OmniAccess products use the "securelogin.arubanetworks.com" certificate, for the following features:
 - captive portal
 - web administration
 - WPA2-Enterprise 802.1X authentication

However, the private key of this certificate was published.

An attacker can therefore act as a Man-in-the-Middle against Aruba and Alcatel devices, in order to read or write data in the session.
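
An added example, not part of the Vigil@nce bulletin or of any vendor tool: a Python sketch for inventorying which of your own controllers still present the "securelogin.arubanetworks.com" certificate over HTTPS (captive portal or web administration). The host names, the default port 443 and the sample byte strings are assumptions constructed for illustration; the 802.1X use of the certificate is not covered, because it is not reachable over a plain TLS connection.

```python
import hashlib
import socket
import ssl

# Certificate name taken from the bulletin.
DEFAULT_CERT_NAME = b"securelogin.arubanetworks.com"


def presents_default_cert(der: bytes) -> bool:
    """True if the DER-encoded certificate carries the default name.

    Subject CN and SAN dNSName values are stored as ASCII-compatible
    strings in DER, so a case-insensitive byte search finds either one
    without a full ASN.1 parser (assumption: no BMPString encoding).
    """
    return DEFAULT_CERT_NAME in der.lower()


def fetch_der(host: str, port: int = 443, timeout: float = 5.0) -> bytes:
    """Fetch the leaf certificate; validation is off because the goal
    is to inspect whatever the device presents, not to trust it."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw) as tls:
            return tls.getpeercert(binary_form=True)


def audit(hosts, fetch=fetch_der):
    """Map each host to (status, SHA-256 of the certificate or None)."""
    report = {}
    for host in hosts:
        try:
            der = fetch(host)
        except OSError:  # includes ssl.SSLError, timeouts, refused connections
            report[host] = ("unreachable", None)
            continue
        status = "default-cert" if presents_default_cert(der) else "custom-cert"
        report[host] = (status, hashlib.sha256(der).hexdigest())
    return report


if __name__ == "__main__":
    # Constructed stand-ins for fetched certificates (not real DER).
    samples = {
        "ctrl-1.example": b"\x0c\x1dsecurelogin.arubanetworks.com",
        "ctrl-2.example": b"\x0c\x10wifi.corp.example",
    }
    for host, result in audit(samples, fetch=samples.__getitem__).items():
        print(host, *result)
```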