cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
754
Views
5
Helpful
1
Replies
Highlighted
Beginner

CSCvh65876 - Cisco Wireless LAN Controller Software GUI Privilege Escalation Vulnerability

Hello Gurus
i'm confused with mitigation information given in Cisco Advisory & Bugsearch pages for the CSCvh65876
On Advisory (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-wlc-gui-privesc) it's said:

Cisco Wireless LAN

Controller Major

Software Release

First Fixed Release for This Vulnerability Recommended Release for This Vulnerability
8.3             Available from TAC1 Available from TAC1

while on Bugsearch (https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvh65876) it's said that there are Fixed releases are available already (f.e. 8.3(143.6)). Also single Known Affected Releases 8.7(1.115) mentioned on the Bugsearch page obviously doesnt match 8.3 as mentioned in Advisory... Could anybody clarify on this please?

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Community Legend

Re: CSCvh65876 - Cisco Wireless LAN Controller Software GUI Privilege Escalation Vulnerability

Never look at the details in the Bug ID:  They are seldom updated and rarely accurate. 

Always look at the Security Bulletin because it is regularly update.  

The fix is to use the latest 8.5.X.X image, 8.5.135.0. 

If you need to use 8.3.X.X then contact TAC so they can provide you an Engineering Release.

1 REPLY 1
Hall of Fame Community Legend

Re: CSCvh65876 - Cisco Wireless LAN Controller Software GUI Privilege Escalation Vulnerability

Never look at the details in the Bug ID:  They are seldom updated and rarely accurate. 

Always look at the Security Bulletin because it is regularly update.  

The fix is to use the latest 8.5.X.X image, 8.5.135.0. 

If you need to use 8.3.X.X then contact TAC so they can provide you an Engineering Release.

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards