cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1737
Views
45
Helpful
6
Replies
Highlighted
Beginner

CSCvg35287%20-%20NAM%20Investigate%20multiple%20WPA/WPA2%20Vulnerabilties

Am I to assume that all versions below 4.5(2033) are also affected? I am running 4.5(1044) in my environment, along with some 4.3 machine, are they also affected?

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Beginner

I confirmed with Cisco that it does in fact affect any version that utilizes wpa2. 

View solution in original post

6 REPLIES 6
Highlighted
Participant

I would assume that all 4.x and 3.x are affected. There is no recommendation to downgrade or workarounds. 

Highlighted

I see the status has changed to fixed for the WIFI - AnyConnect vulnerability.  But I don't see a new version for download on the Cisco website.  How do we get the "Fixed" AnyConnect Software?

Highlighted

I'm going to open a TAC case and see if they can provide a fixed version. I'll let you know how I make out. I've seen Cisco do that before.

Highlighted

From the advisory:

4.5.x (27-Oct-2017)

Probably need to wait a few days.

Highlighted

When I spoke to TAC they said they have a fixed version but it wasn't ready for release yet. Its good that there is a date now, maybe we'll get the release later this week. I was told the fixed version would be 4.5.3 or something similar (he said the build number could change).

 

Also, TAC says that Cisco recommends that all customers check with their hardware manufacturers for updated Wireless drivers.

Highlighted
Beginner

I confirmed with Cisco that it does in fact affect any version that utilizes wpa2. 

View solution in original post