Security
Report a potential issue: [email protected]
The Ruckus Product Security Team is responsible for researching, analyzing and responding to security incident reports related to Ruckus products. This team is the first point of contact for all security incident reports and works directly with Ruckus customers, security researchers, government organizations, consultants, industry security organizations, and other vendors to identify security issues with Ruckus products. This team is also responsible for publishing security advisories and communicating with outside entities regarding mitigation steps for addressing particular security issues with Ruckus products.
Reporting a Security Issue to Ruckus
Ruckus encourages individuals and organizations to report all Ruckus-related product related vulnerabilities and security issues directly to Ruckus via our email alias: [email protected].
A link to the Ruckus Security Incident Response Policy is available here.
Please provide a detailed description of the issue along with sufficient information to reasonably enable Ruckus to reproduce the issue. Please also include a technical contact, list of Ruckus products affected and any other helpful information such as logs and console messages etc.
If you are a currently experiencing a network outage or need help configuring a security feature, please contact Ruckus via any of the contact methods listed on our Contact page.
| ID | Title | Version | Release Date | Edit Date |
| BSA-2017-218 | CVE-2016-9311 | March 31, 2017 | March 31, 2017 | |
| BSA-2017-216 | CVE-2016-7141 | March 31, 2017 | March 31, 2017 | |
| BSA-2017-215 | CVE-2016-6153 | March 31, 2017 | October 13, 2017 | |
| BSA-2017-214 | CVE-2016-7098 | March 31, 2017 | March 31, 2017 | |
| BSA-2017-213 | CVE-2016-6262 | March 31, 2017 | March 31, 2017 | |
| BSA-2017-212 | CVE-2016-6263 | March 31, 2017 | March 31, 2017 | |
| BSA-2017-211 | CVE-2016-6261 | March 31, 2017 | March 31, 2017 | |
| BSA-2017-210 | CVE-2015-8948 | March 31, 2017 | March 31, 2017 | |
| BSA-2017-207 | CVE-2016-7055 | March 31, 2017 | March 31, 2017 | |
| BSA-2017-206 | CVE-2016-7053 | March 31, 2017 | March 31, 2017 | |
| BSA-2017-205 | CVE-2016-7054 | March 31, 2017 | March 31, 2017 | |
| BSA-2017-204 | CVE-2016-3961 | March 31, 2017 | March 31, 2017 | |
| BSA-2017-201 | CVE-2016-8610 | March 31, 2017 | March 31, 2017 | |
| BSA-2015-003 | CVE-2014-3569 - OpenSSL CVE-2014-3570 - OpenSSL CVE-2014-3571 - OpenSSL CVE-2014-3572 - OpenSSL CVE-2014-8275 - OpenSSL CVE-2015-0204 - OpenSSL CVE-2015-0205 - OpenSSL CVE-2015-0206 - OpenSSL | April 24, 2015 | March 23, 2017 | |
| BSA-2015-002 | CVE-2014-9296 - NTP | March 19, 2015 | May 11, 2016 | |
| BSA-2014-002 | CVE-2014-3566 - OpenSSL | March 10, 2015 | April 07, 2017 | |
| BSA-2015-001 | GNU C Library “GHOST” Vulnerability (CVE-2015-0235) Assessment for Brocade | February 13, 2015 | May 11, 2016 | |
| 20180427 | SmartZone Security Best Practices for Network Security | 1 | April 28, 2018 | April 28, 2018 |
| 20180816 | Dictionary attacks on WiFi Protected Access (WPA & WPA2) Protocols | 1.0 | August 16, 2018 | August 16, 2018 |
| 20180906 | Intel Speculative Execution Vulnerabilities (CVE-2018-3615, CVE-2018-3620, CVE-2018-3646) | 1.0 | September 06, 2018 | September 06, 2018 |
| 20180917 | Automatic DNS Registration and Proxy Autodiscovery Vulnerabilities (VU#598349) | 1.0 | September 17, 2018 | September 17, 2018 |
| 20181102 | Libssh Vulnerabilities - CVE-2018-10933 | 1.0 | November 02, 2018 | November 02, 2018 |
| 20181205 | PortSmash Side-Channel Vulnerability (CVE-2018-5407) | 1.0 | December 05, 2018 | December 05, 2018 |
| 20190528 | Zombieload, RIDL, and Fallout Vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2018-11091) | 1.0 | May 28, 2019 | May 28, 2019 |
| 20190603 | Ruckus SmartZone Privilege Escalation Vulnerability (CVE-2019-11630) | 1.2 | June 03, 2019 | August 12, 2019 |
| 20190815 | TCP SACK Panic - Kernel Vulnerability (CVE-2019-11477, CVE-2019-11478, CVE-2019-11479) | 1.2 | August 15, 2019 | January 08, 2020 |
| 20190412 | Dragonblood Vulnerabilities - VU#871675 | 1.0 | April 12, 2019 | April 12, 2019 |
| 20180618 | SPECTRE-NG Vulnerabilities - (CVE-2018-3639, CVE-2018-3640) | 1.0 | June 18, 2018 | June 18, 2018 |
| 20180601 | Vulnerabilities in Openssl (CVE-201703738, CVE-2018-0733, CVE-2018-0739) | 1.0 | June 01, 2018 | June 01, 2018 |
| 20180319 | Security vulnerabilities addressed by NTP (CVE-2016-1549, CVE-2018-7182, CVE-2018-7170, CVE-2018-7184, CVE-2018-7185, CVE-2018-7183) | 1.0 | March 19, 2018 | March 19, 2018 |