CSCuw06153 - unauthorized configuration change for web management

Andreas Hernandez · ‎01-14-2016

An attacker who can connect to an affected device could exploit this vulnerability.

I'm missing the information about how this bug can be exploited. Can this be exploited trough admin gui? ssh access? captive portal login? capwap tunnel to WLC?

Heinz Kern · ‎01-14-2016

yes, me too.

Craig Le-Butt · ‎01-14-2016

and me

Freerk Terpstra · ‎01-14-2016

Maybe someone from Cisco can reply to this, but I'm afraid that not much info will be given because of the risk that exploits will show up in the wild. From what I have found is having IP access to the management-plane of the WLC engough. If you have this secured by a firewall you are still vulnerable if you are using local webauth for layer 3 authentication.

Please rate useful posts... :-)

Leo Laohoo · ‎01-14-2016

CSCuw06153

lee-taehee · ‎01-19-2016

and me , too

francois.villette · ‎01-20-2016

> CSCuw06153 - unauthorized configuration change for web management

it is not clear in the bug description

the title refers to the admin GUI.

Ralph Olsen · ‎02-25-2016

If it was Webauth they would ask you to disable it as a workaround.

There is no workaround.

No info = Not good news.

Assume it is any IP packet that transit the WLC.

/Ralph