Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
753
Views
10
Helpful
3
Replies

CSCvf47808 - Key Reinstallation attacks against WPA protocol - 10

fflanca
Level 1
Level 1

‎10-20-2017 07:24 AM - edited ‎03-20-2019 09:38 PM

Hi,

 

I have a pair of 1252AG in a point to point wireless bridge setup, they are running 15.2(2)JA1. Are them affected to this vulnerability?

 

Thanks in advance.

Labels:
0 Helpful
3 Replies 3

Rich Uline
Level 1
Level 1

‎10-20-2017 08:03 AM

Fflanca,

The WPA2 Security Advisory lists the 1250 series APs as vulnerable to CSCvf47808. So, unfortunately, you are affected.

Aaron
Cisco Employee
Cisco Employee
In response to Rich Uline

‎10-20-2017 09:37 AM

Actually, an AP is susceptible only if 802.11r is enabled. ("authentication key-management wpa version 2 dot11r" configured under the SSID.) This wasn't even supported back in 15.2(2)JA1, so you're clear :)

Aaron

fflanca
Level 1
Level 1
In response to Aaron

‎10-20-2017 10:05 AM

Hi,

Thank you very much, I was trying to determine if the APs (15.2(2)JA1) supported 802.11r or not:

>From the CSCvf47808:

"Conditions:
Exposure to CVE-2017-13082 is only possible if 802.11r(ft) is use (Enabled or in Adaptive mode)"

Best regards
0 Helpful
Customers Also Viewed These Support Documents