AEROHIVE SECURITY CENTER

AEROHIVE SIRT

The Aerohive Security Incident Response Team (Aerohive SIRT) is responsible for researching, analyzing and responding to security incident reports related to Aerohive products. This team is the first point of contact for all security incident reports and works directly with Aerohive customers, security researchers, government organizations, consultants, industry security organizations, and other vendors to identify security issues with our products.

This team is also responsible for publishing security advisories and communicating with outside entities regarding mitigation steps for addressing particular security issues with Aerohive products. Aerohive respects and honors responsible disclosure practices. We do not have a bounty program, nor do we maintain a “wall of fame”

SECURITY BULLETINS

Aerohive Security Advisories are published for significant security issues that directly involve Aerohive products and require an upgrade, fix, or other customer action. In all security publications, Aerohive discloses the minimum amount of information required for an end-user to assess the impact of the reported vulnerability and any potential steps needed to protect their environment. Aerohive does not provide vulnerability details that could enable someone to craft an exploit. All security advisories here are displayed in chronological order, with the most recently updated advisory appearing at the top of the page.

HOW TO REPORT A SECURITY VULNERABILITY

The Aerohive SIRT has an email alias that makes it easy for customers and others to report potential security vulnerabilities.Once we acknowledge your email, we request five business days to reproduce the reported problem and prepare a response. We appreciate you waiting for our response prior to reporting the problem to others. Please report any potential or real instances of security vulnerabilities with any Aerohive Networks product to the Aerohive SIRT at security@aerohive.com. For immediate assistance, Aerohive TAC is available 24 hours a day by calling 1-866-365-9918 (North America) or +1-408-510-6100.

Who reads email sent to security@aerohive.com?

The Aerohive Security Incident Response Team, which is a restricted and carefully chosen group of Aerohive employees, monitors this email address. No outside users can subscribe to this list.

What information should I send to security@aerohive.com?

When you contact us please give as much information as possible. We encourage you to encrypt any sensitive information you send to us using our public key, visible below and available at various key servers.

Security Advisories

Click here for the latest security advisories

How do we respond to a notification?

All issues reported to the Security Incident Response Team will be investigated. Patches will be generated where necessary and a security advisory will be released. Unless you inform us otherwise, it is our usual practice to cooperate with other affected security vendors and organizations such as CERT/CC to share vulnerability information and patches. However, we will never forward the email that you send to us, and we will not pass on any information that could identify you, your company, your machines, or your configuration.

Please note: Aerohive does not provide an advance notification service. Security patches and advisories are freely available from our web site.

To report a security issue to Aerohive Networks, we encourage you to use the following PGP key for secure communication.

—–BEGIN PGP PUBLIC KEY BLOCK—–

mQINBFqQacoBEAC7xOtOo5rC7wwem8+wE7xsKX3iLJ4UfEky0vq4Q/cYN3SPNDI3
k/cQqCIdxgcAftFVfuEYwVpHUTKjdmbNumBAxczTj+8yntA7uWaLs5Cv+k9wrwZ+
muI4XwvNManGIx3GEGrmibH9O22wMx/lkZTWZQHjC1i9wtIHewpjyPHOv90iCnDI
uvJQc7FZw3VxNhU2sQNc+sgJElWBia55AwYXtyRwoHvE+0MQL61kjqzK3XX3gaxb
F3eVxazC+gTBEfKhyDQdRkH/yR6dEtX0/ZN/BBaFx3DUVKEcQ17YOgCzRk7ChC4k
tabk+exQEtk8VOUhy2ZI7cqhcCb86BxuXtCrBphpY25hKjyEgIlh4lUmFvrNJqO8
RaPwQQRIJCFpLdBML9MquTHuu1XDCOV3Q9ToUPhc+FZLII94Pdivpk7mTg4w3JLD
jh4ribIacoaMSF9Y2+/Rz+oGxsjD6mv+UOEjHF36FYS3DLnJ9VB7bZL++dqcZ5F/
KT9rxx3ds557grhiT5ssMZNbcJxdnlHGAYHd4S+hgxr/Qu9yXBH4lDC2piJJAGhq
LkwYn5W6M26A3TxHCvodkdFJNThVEy/n3ei9nEgTbWJFAI4rVCEXuwu3mUAaJ5t0
oxSEgKybyqvNOe8xp3v6vbS3zcQVbHSe3C9IrNPx+XG5JFBMoxNfcuuDywARAQAB
tDJBZXJvaGl2ZSBOZXR3b3JrcyBTZWN1cml0eSA8c2VjdXJpdHlAYWVyb2hpdmUu
Y29tPokCVAQTAQgAPhYhBHW0ipjnu0JG52qQ25ZqM1lQeH6lBQJakGnKAhsDBQkH
hh+ABQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEJZqM1lQeH6lBtYP/As8oBWc
v2tZvySroY+jEu+20daMbi78gwNglBLc7WTqHGY/XcpHDFg6JRIyuvspurVJxPKS
gRjEpAZ5RhA32AjNpBf3CSqBYz2Gq4RisXyRk4qpQ50LcDK46ZTBhUZJtttNSd2H
hJVa75EUeTBLBUaxV0iVNU+AQddWj8cupDjAy7XHlnx1kcc9W3AohKnUUod3fnXr
8bLvT0lQ2rliUl9tBalryZG4mu28L6PdDu77ZxP2wHjDpvQltBMcz8H2Au9yI3dk
NdOm9Bs1BBbRJftNHzreo87B5NeNrOY2uG4tMrqk9U4ZQvffRCoNz9QJwB/cMAT0
fBDl9N3KVoqxRWRzG2P015buURfUznx0brtv3SAWrYISpPwQWsl1Rjtn2F3qR8ua
jkT2Qc7b8SlqsW46s2AEsyNZSnYRLoMZHq6jIMHXFDMNQE2rT4AgL31b4Jw1V4I0
yNbhRnsIqtoS7oong8rXoT4ypFsig298D7C5UAAYApKJDwqCzBtubewMCK/SqDVo
eUGH2BQfMjNJ5NsVu7JNUVcbEY6q/3I+P0kBQ4dxdGdETKLsSZKBe0vvgYb98zpf
IWRXKiphM/6XM1MBGOzRYso3slDeHfsu2kixobWJC0+6KNpVu8EuOOmMmr8LoOj7
h+6D81BJvCthHBo3LpT4l0oVmhQCvu1jbT3puQINBFqQacoBEAC/LrUNJGUOdqh8
B7VzMBS/ggmPndtSkAARaa1WtsUlLgihgyhPb683J59PwGCr8PEeeJEaqlDD8y5N
gHPn4gNn1Yh+Bmf6buUoCxJNiyUGEQWqVJ1MetUwWyLAMkos0LeT0sl/LCuS7Hju
4jIZZBb2cIW98fe19Nt/LoQdfN1MNwcu1bJWBSpDt+6WFIqEvlSHQ0kFr49RdOPu
cUkWl+i26MUMbUgmsty7t2qW1pGAQy43ItccMW1Op0h2/O8YQ7LDbeccT4jxKdTX
DcZyCh+9qvbmAJCc8o5ZzpL5LcXuMVQdD1Z6VQuXjB/f61M80vqitZDnTNaujDVH
4+p/N1ZBbAwmmJUq3MP+IhgA6sQax3QQtgdbTk/M/I7MBEeVflr204HAB3LpaAHb
MIjObdIOzxRLttA3iqE0ME0mCASnyoUSMXbQ/BgFoOx1AloI+jJIEcz7zIUJyY9z
EuxcRV0ZR0ANs0CCz4bPlcGkyEnFzHSMWb2/MekBa+NtynYBzhxVP2zyys/+OGXC
EbVwsZWEXWSEZaEqB2nJgLhDB13rTmKjrvy7nEzzhvNO+kj1N4JOoM2vyyeqYIen
u1Ip9t2n+6MgbA2GrxbY8Q7hkLiPaYR2MF+ZgMGLCWLh9EvivmZ6tpZ+21GhRvci
u9VBEdFfzSsPAE9+npW8LjmJJZQEgwARAQABiQI8BBgBCAAmFiEEdbSKmOe7Qkbn
apDblmozWVB4fqUFAlqQacoCGwwFCQeGH4AACgkQlmozWVB4fqWpeA/+K2Ke20wT
hTFWLxlnMKQfPy5KBb9aETGcv46CoaMFuIV7IWloZRlwW3acpPutc73QxatflCYh
XDDT6/4jFaSURcjm81stBT6xKEx4hn6TFZwlwFkn+RRpXTy+y6GDvB/25DwbS33p
X1Lmbp2FA14ZeqJeHL3/W1L3DUGM45EZWW404XQzMVyF/ch28prABmGonk+vcEhy
mQcZJliQqqVvta8APNeIJq/DJNvfWP6iqSZ47QmHwwGH9gObnHPE00gWKMi7rR5U
eThT6u5yjj48PhyV2HHIwFQ58C2Brdu0671BhcIHswLbx+KTuk3PQsuTNo6pg/SH
UsXaGRKe4IqJ5Yw2da51gljWMkvVd8RAUwJWLiDR1RWpzTrM086Y91ZZy9WcK+CP
TJErBm44t0xEAXsYKzke5IyaaIAWXL5YspMlroLUYtGKf2351G/1jmg5og8Mh3R/
mQOuUIkSQIfybwcOGiEWR/e6Q7BVGaPoTNvbztFW4ciYNKnaq+waG4xj9OMXpcFl
b0y+j4R+E4oMP60CFBHR6wSQnU2FTMNYsmEa4fafAaPt2I7+7UHkPS7EIJ55Avov
1f+dGbkEG5omdPCiJm1LayYQjPRFXvZrFLioky5qA0CXvTLSMdG6nqy7oyZDykJI
68FImOB0atrpl4AJzsGtDXu7sTfFHtK5FzY=
=VWOt
—–END PGP PUBLIC KEY BLOCK—–