Security Bulletins

Security

Ruckus response to the WPA2 (KRACK) vulnerability:
Ruckus Wireless Support Resource Center

The Ruckus Product Security Team is responsible for researching, analyzing and responding to security incident reports related to Ruckus products. This team is the first point of contact for all security incident reports and works directly with Ruckus customers, security researchers, government organizations, consultants, industry security organizations, and other vendors to identify security issues with Ruckus products. This team is also responsible for publishing security advisories and communicating with outside entities regarding mitigation steps for addressing particular security issues with Ruckus products.

Reporting a Security Issue to Ruckus

Ruckus encourages individuals and organizations to report all Ruckus-related product related vulnerabilities and security issues directly to Ruckus via our email alias: [email protected].

A link to the Ruckus Security Incident Response Policy is available here.

Please provide a detailed description of the issue along with sufficient information to reasonably enable Ruckus to reproduce the issue. Please also include a technical contact, list of Ruckus products affected and any other helpful information such as logs and console messages etc.

If you are a currently experiencing a network outage or need help configuring a security feature, please contact Ruckus via any of the contact methods listed at https://support.ruckuswireless.com/contact-us

Ruckus highly recommends protecting the email communication with the PGP key below for encrypting any sensitive information sent to Ruckus.

To send confidential information, always use PGP Keys only.  Please ask for the key info and keys by sending email to "[email protected]".

Security Bulletins

ID Title Version Release Date Edit Date
20180203 Java JMX and RMI security vulnerabilities (CVE-2017-15708, CVE-2016-8735) February 13, 2018 February 13, 2018
20180202 Authenticated Root Command Injection Vulnerabilities in CLI of ZD/Unleashed APs and Web-GUI of Solo/SZ Managed APs (CVE02017-6229, CVE-2017-6230) February 5, 2018 February 5, 2018
20180105 Spectre and Meltdown Vulnerabilities - (CVE-2017-5753 CVE-2017-5715 CVE-2017-5754) 1 January 5, 2018 January 16, 2018
112717 Multiple Vulnerabilities in DNSMASQ (CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, CVE-2017-13704, CVE-2015-3294) 1 November 27, 2017 November 27, 2017
BSA-2017-474 CVE-2017-15361 November 17, 2017 November 17, 2017
BSA-2017-473 CVE-2017-1000255 November 17, 2017 November 17, 2017
BSA-2017-472 CVE-2014-0018 November 17, 2017 November 17, 2017
BSA-2017-471 CVE-2013-4517 November 17, 2017 November 17, 2017
BSA-2017-470 CVE-2013-6440 November 17, 2017 November 17, 2017
BSA-2017-469 CVE-2015-5188 November 17, 2017 November 17, 2017
BSA-2017-458 CVE-2014-3591 November 17, 2017 November 17, 2017
BSA-2017-457 CVE-2013-4242 November 17, 2017 November 17, 2017
BSA-2017-455 CVE-2017-13704 November 17, 2017 November 17, 2017
BSA-2017-454 CVE-2017-14496 November 17, 2017 November 17, 2017
BSA-2017-453 CVE-2017-14495 November 17, 2017 November 17, 2017
BSA-2017-452 CVE-2017-14494 November 17, 2017 November 17, 2017
BSA-2017-451 CVE-2017-14493 November 17, 2017 November 17, 2017
BSA-2017-450 CVE-2017-14492 November 17, 2017 November 17, 2017
BSA-2017-449 CVE-2017-14491 November 17, 2017 November 17, 2017
BSA-2017-447 CVE-2017-12617 November 17, 2017 November 17, 2017
101717 Multiple Vulnerabilities discovered in RSA key generation within Infineon TPM 1 October 17, 2017 October 17, 2017
101617 Multiple Vulnerabilities discovered in 4-way handshake of WPA2 protocols - (KRACK: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088) 1.12 October 16, 2017 December 21, 2017
092917 Authenticated Root Command Injection Vulnerabilities in Web-GUI of Ruckus Zone Director Controller and Unleashed APs (CVE-2017-6223, CVE-2017-6224) 1 September 29, 2017 September 29, 2017
BSA-2017-445 CVE-2017-3226 September 29, 2017 October 27, 2017
BSA-2017-444 CVE-2017-3225 September 29, 2017 October 27, 2017
BSA-2017-443 CVE-2016-2774 September 29, 2017 November 17, 2017
BSA-2017-442 CVE-2016-4984 September 29, 2017 October 13, 2017
BSA-2017-441 CVE-2017-12150 September 29, 2017 October 13, 2017
BSA-2017-440 CVE-2017-12163 September 29, 2017 October 13, 2017
BSA-2017-439 CVE-2017-12151 September 29, 2017 October 13, 2017

Working...Please wait

This is here to prevent you from accidentally submitting twice.

The page will automatically refresh.