Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3753
Views
5
Helpful
4
Replies

Observing vulnerability in WLC(AIR-CT5508-K9)

Go to solution
csawest.dc
Level 3
Level 3

‎12-02-2017 09:54 PM - edited ‎03-10-2019 12:56 AM

HI All,

 

We are observing below vulnerability in WLC(AIR-CT5508-K9)

Product Version : 8.2.151.0 

 

TLS/SSL Server Does Not Support Any Strong Cipher Algorithms

Weak Cryptographic Key

TLS/SSL Server Supports The Use of Static Key Ciphers

Self-signed TLS/SSL certificate

Untrusted TLS/SSL server X.509 certificate

SHA-1-based Signature in TLS/SSL Server X.509 Certificate

X.509 Certificate Subject CN Does Not Match the Entity Name

 

Please suggest . Thanks !!

2 people had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Karsten Iwen
VIP
VIP

‎12-03-2017 02:12 AM

There is still something you could do here:

  1. Upgrade to a more recent version
  2. disable legacy crypto: "config network secureweb cipher-option high enable"
  3. Replace the certificate with a correct and trusted one.

But as always, be aware of the consequences (at least with "2.") ... 

View solution in original post

4 Replies 4

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎12-03-2017 12:15 AM

Go HERE.

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP

‎12-03-2017 02:12 AM

There is still something you could do here:

  1. Upgrade to a more recent version
  2. disable legacy crypto: "config network secureweb cipher-option high enable"
  3. Replace the certificate with a correct and trusted one.

But as always, be aware of the consequences (at least with "2.") ... 

Go to solution
jhonwellLorente57911
Level 1
Level 1

‎04-01-2021 12:41 AM

HI Team,

 

Anyone could help me on this?

We are Also observing below vulnerability in WLC(AIR-CT2504-K9)

Product Version : 8.5.160.0

 

TLS/SSL Server Does Not Support Any Strong Cipher Algorithms

Weak Cryptographic Key

TLS/SSL Server Supports The Use of Static Key Ciphers

Self-signed TLS/SSL certificate

Untrusted TLS/SSL server X.509 certificate

SHA-1-based Signature in TLS/SSL Server X.509 Certificate

 

 

Appreciate your prompt response. TIA!

0 Helpful

Go to solution
Abdullatif
Level 1
Level 1

‎07-04-2021 12:51 AM

Hi,

 

can you help on how to fix this vulnerability on cisco WLC "Weak Cryptographic Key" .

0 Helpful
Customers Also Viewed These Support Documents