Re: CSCvf47808 - Key Reinstallation attacks against WPA protocol - 7

mguccione · ‎10-17-2017

Hi I have several Cisco AP 1130AG, are them affected to this vulnerability?

They have IOS Version 12.4(25e)JAM3$ and managed by WLC 5508 (7.4.121.0)

Thanks in advance

Leo Laohoo · ‎10-17-2017

The final support for the 1130 is 8.0.X.X.

Cisco will be releasing a fix version for the 8.0.X.X version shortly.

Leo Laohoo · ‎10-17-2017

I stand corrected. 1130/1240 are deemed to be "not affected" by this vulnerability.

ofir-nissim · ‎10-17-2017

what about the C1140 Version 15.3 , is it affecte by this vulnerability,
if so what is the fix for it

Leo Laohoo · ‎10-17-2017

@ofir-nissim wrote:
what about the C1140 Version 15.3 , is it affecte by this vulnerability,
if so what is the fix for it

The fix for the 1140 is 8.0.15X.X.

ofir-nissim · ‎10-17-2017

this specific node is running as autonomous , does it matter?
the show run shows its running IOS 15.3..

Leo Laohoo · ‎10-17-2017

@ofir-nissim wrote:
this specific node is running as autonomous , does it matter?

This vulnerability affects anything with a wireless NIC. It's not just wireless AP but also wireless clients as well. Patching the client will fix 9 out of 10 vulnerabilities but not CVE-2017-13082.

Perspective About the Recent WPA Vulnerabilities (KRACK Attacks)

Fix release date for autonomous IOS has not yet been announced. Priority is given to controller-based IOS.