HPE Aruba Networking Infrastructure Public Program

  • $250 – $2,000 per vulnerability
  • Safe harbor

Out Of Scope Update

Hi all,

Please note that this program does have a number of types of submissions and hosts which are out of scope. We've seen an uptick in submissions against out-of-scope items lately and we'd like to not be in the position of having to deny your submission due to scope issues.

Please review the following list and refrain from research and submissions against these hosts and finding types.

Out-of-Scope

  • HPE corporate websites and resources
  • Other HPE or Aruba products not specifically listed in the Target Group
  • Rate limiting or other DoS type attacks for *.arubanetworks.com
  • Open redirects
  • Link injection will be considered, but impact might be reduced depending on site
  • Any DMARC findings or similar without demonstrated proof of impact. A lot of arubanetworks.com subdomains actually do not accept email nowadays, although historically they did.
  • Infrastructure with certificates like instant.arubanetworks.com or hostnames like securelogin.arubanetworks.com. These are products owned by customers which are not set up; they are not owned by Aruba, nor are they externally facing infrastructure.
  • The following hosts:
    • outdoorplanner.arubanetworks.com
    • *.atl.arubanetworks.com - this is a testing subdomain used by Bugcrowd
    • *.getaws.arubanetworks.com - we hope this is temporary. We've had a number of submissions against these hosts and we think the root cause is all related. We want to clear these before accepting further submissions against these hosts.
    • asp-notifications.arubanetworks.com - this is related to the findings on *.getaws.arubanetworks.com above.
    • quickconnect.arubanetworks.com - this server is being decommissioned
    • community.arubanetworks.com - we've had a number of submissions against this and it's starting to look like we might have dups. This is likely a temporary pause until fixes can be rolled out and cases are closed. Once that happens it will go back into scope again, but at this point we need to digest what has come in.
    • innovate.arubanetworks.com - this is actually run by a third party and not under Aruba's control
    • *.iot.developer.arubanetworks.com - these are demo hosts and not production
    • setmeup.arubanetworks.com - this is simply a placeholder for APs in a default state
    • *.isb.arubanetworks.com - these are development subdomains and outside of active scope
    • enews.arubanetworks.com - this is a third party
    • news.arubanetworks.com - this is a third party
    • demos.arubanetworks.com - this is a third party
    • sirt.arubanetworks.com - this is a third party as well in terms of the hosting. We are aware of some issues in it and are working with the vendor, but please do not test this host
    • *.arubademo.net - anything from arubademo. This is a lab environment and explicitly out of scope.

If you have any questions on the change in the scope, please reach out to support@bugcrowd.com.