https://community.cisco.com/t5/wireless/information-request-new-vulnerability-in-wlc/m-p/4090765#M4479 As per Marce1000 list, your current version is affected by the bug, as you are running 8.5.151.0 which is older than the fixed 8.5.160.0. Fri, 22 May 2020 14:36:27 GMT patoberli 2020-05-22T14:36:27Z https://community.cisco.com/t5/wireless/information-request-new-vulnerability-in-wlc/m-p/4089887#M4476 <P>Hello everyone,<BR /><BR /></P><P>Regarding the vulnerability which was published through the below link, anyone can tell me me please if the versions of both WLCs that we manage are vulnerable ?<BR /><BR /><A href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-capwap-dos-Y2sD9uEw" target="_blank">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-capwap-dos-Y2sD9uEw</A><BR /><BR /></P><P>because in the bug link, only the version&nbsp;8.8(120.0) is mentioned.</P><P><A href="https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvq59667" target="_blank">https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvq59667</A><BR /><BR /></P><P>Cisco controllers we manage:<BR /><BR /></P><P>WLC 1&nbsp;<BR />Model:&nbsp;Cisco 5508 WLC (5500 serie)<BR />Version 8.5.151.0</P><P>WLC 2&nbsp;<BR />Model:&nbsp;Cisco 2504 WLC (2500 serie)<BR />Version&nbsp;8.5.151.0<BR /><BR /></P><P>Thank you.<BR /><BR /></P><P>Regards,</P> Mon, 05 Jul 2021 19:04:28 GMT https://community.cisco.com/t5/wireless/information-request-new-vulnerability-in-wlc/m-p/4089887#M4476 akesbi.selma1 2021-07-05T19:04:28Z https://community.cisco.com/t5/wireless/information-request-new-vulnerability-in-wlc/m-p/4089929#M4477 &gt;From the link you posted, you need to look at the advisory page. That shows the first fixed version and typically anything prior to that is vulnerable. <BR /> Thu, 21 May 2020 12:15:57 GMT https://community.cisco.com/t5/wireless/information-request-new-vulnerability-in-wlc/m-p/4089929#M4477 Scott Fella 2020-05-21T12:15:57Z https://community.cisco.com/t5/wireless/information-request-new-vulnerability-in-wlc/m-p/4090121#M4478 <P>&nbsp;</P> <P>&nbsp;Ref&nbsp; :&nbsp;<A href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-capwap-dos-Y2sD9uEw#fs" target="_blank">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-capwap-dos-Y2sD9uEw#fs</A></P> <H3>Fixed Releases</H3> <SECTION class="bdl_text" data-bdl-txt="WLC Bundle: Fixed SW Table Intro"> <P><SPAN>In the following table, the left column lists Cisco software releases. The center column indicates whether a release is affected by the vulnerability described in this advisory and the first release that includes the fix for this vulnerability. The right column indicates whether a release is affected by all the vulnerabilities described in this bundle of advisories and which release includes fixes for those vulnerabilities.</SPAN></P> </SECTION> <DIV class="tblScroller"> <TABLE width="100%"> <THEAD> <TR> <TH align="left" valign="top">Cisco WLC Major Software Release</TH> <TH align="left" valign="top"><STRONG><U><FONT color="#008000">First Fixed</FONT></U> Release for This Vulnerability</STRONG></TH> <TH align="left" valign="top"><STRONG>Recommended Release for All Vulnerabilities Described in This Bundle of Advisories</STRONG></TH> </TR> </THEAD> <TBODY> <TR> <TD>8.5 and earlier</TD> <TD><U><STRONG><FONT color="#008000">8.5.160.0</FONT></STRONG></U></TD> <TD>8.5.161.0<SUP>1</SUP></TD> </TR> <TR> <TD><FONT color="#000000"><SPAN class="mce-annotation tox-comment tox-comment--active" data-mce-annotation-uid="CONV-0001042" data-mce-annotation="tinycomments">8.6</SPAN></FONT></TD> <TD><STRONG><FONT color="#008000">8.8.130.0</FONT></STRONG></TD> <TD>8.8.130.0</TD> </TR> <TR> <TD><FONT color="#000000">8.7</FONT></TD> <TD><STRONG><FONT color="#008000">8.8.130.0</FONT></STRONG></TD> <TD>8.8.130.0</TD> </TR> <TR> <TD>8.8</TD> <TD><STRONG><FONT color="#008000">8.8.130.0</FONT></STRONG></TD> <TD>8.8.130.0</TD> </TR> <TR> <TD>8.9</TD> <TD><STRONG><FONT color="#008000">8.10.105.0</FONT></STRONG></TD> <TD>8.10.121.0</TD> </TR> <TR> <TD>8.10</TD> <TD><STRONG><FONT color="#008000">8.10.105.0</FONT></STRONG></TD> <TD>8.10.121.0</TD> </TR> </TBODY> </TABLE> </DIV> <DIV> <P>1. If the deployment is based on a Mobility Express controller, Cisco recommends migrating to Release 8.8.130.0.</P> </DIV> Thu, 21 May 2020 16:47:04 GMT https://community.cisco.com/t5/wireless/information-request-new-vulnerability-in-wlc/m-p/4090121#M4478 Mark Elsen 2020-05-21T16:47:04Z https://community.cisco.com/t5/wireless/information-request-new-vulnerability-in-wlc/m-p/4090765#M4479 As per Marce1000 list, your current version is affected by the bug, as you are running 8.5.151.0 which is older than the fixed 8.5.160.0. Fri, 22 May 2020 14:36:27 GMT https://community.cisco.com/t5/wireless/information-request-new-vulnerability-in-wlc/m-p/4090765#M4479 patoberli 2020-05-22T14:36:27Z