Greetings,
Ruckus Networks' dedicated security information team responds as soon as possible to reported
possible vulnerabilities. We post details for each on our Support portal Security Bulletins page,
and identify whether any Ruckus products are affected.
https://support.ruckuswireless.com/security
In late December, the most recent bulletin "ZoneDirector and Unleashed Unauthenticated
Remote Code Execution and Other Vulnerabilities" was posted, with affected versions and
secure patch update images that we recommend customers upgrade to. The table with ZD
versions and update image versions is in the pgp-signed text and .pdf bulletin versions.
https://support.ruckuswireless.com/security_bulletins/299
We are giving free 7-day support entitlement to everyone with a ZoneDirector (no previous
support required).
Please plan a change management period to implement an update soon.
The following is the best-practice procedure for ZoneDirector backup / upgrades, which can
be found in KBA-10079 (after the next update period, 6pm PST).
https://support.ruckuswireless.com/articles/000010079
Step 1: Determine your ZD serial number and current firmware version.
In ZD 9.13 and earlier, go to the ZD WebUI Dashboard tab, where the info is displayed.
In ZD 10.x and later, the ZD version is found on the Dashboard tab, and the Serial Number
is found under System -> System Info.
Write down your ZD serial number for reference.
Step 2: See the Security Bulletin table to determine the right secure patched version
for your ZD model(s).
https://support.ruckuswireless.com/security_bulletins/299
Retrieve a copy of the firmware from the ZoneDirector product page on the Support portal.
https://support.ruckuswireless.com
Save the firmware to your PC.
Step 3: Back up your ZoneDirector; save the backup file with version digits in the filename.
From the ZD WebUI, go to Administer -> Backup, and click the button to save the ZD backup file.
Save the .bak file to your PC. Edit the filename to include the version you are running
before upgrading, e.g. mbZD_db_9.13.3.0.164_010320_13_24.bak is from 9.13.3.0.164.
Step 4: Retrieve the temporary entitlement file.
Go to
https://supportactivation.ruckuswireless.com
Enter your ZD serial number, and click Submit button.
Save the .spt file to your PC.
Step 5: Install the temporary entitlement file.
In ZD 9.13 and earlier, go to Administer -> Support and, under Support services,
click Browse, and point to the .spt file on your PC.
In ZD 10.x and later, from Administer -> Support, click on
Update Services by File,
click Browse, and point to the .spt file on your PC.
When installed, the ZD will display a notice that Entitlement expires in seven (7) days.
Step 6: Install the secure patch ZD firmware upgrade.
Go to Administer -> Upgrade, under Software Upgrade, browse to the secure patch
ZD firmware you saved earlier. When the file is fully loaded, Browse will be replaced
by Upgrade. Click Upgrade to complete the process.
Note: You will be prompted to save a backup before continuing, but you already have one,
so you can click Cancel and continue when you see this notice.
The ZoneDirector will reboot after the upgrade, and the WebUI page should refresh to Login.
[ I run a continuous ping to my ZD IP when it's rebooting. If not taken back to login after 2 minutes
of pings responding, click the ZD IP address you see on the reboot screen. It should go to Login. ]
Familiarize yourself with any new look/feel changes in ZD WebUI after upgrade.