04-15-2019 01:54 PM - edited 07-05-2021 10:15 AM
good day
I have a client who reports the following vulnerability in the WLC cisco:
The server accepts connections using SSL 2.0, SSL 3.0, TLS 1.0 and / or TLS 1.1. These versions contain many cryptographic weaknesses and are considered obsolete by the regulatory bodies. An attacker can use these vulnerabilities to carry out Man in the Middle (MitM) attacks or decrypt communications between client and server.
How can I verify if this vulnerability exists in my WLC, how would it be mitigated? Or, on the contrary, how do I show the client that the WLC does not have the vulnerability?
I share some data from my WLC:
MODEL 2504
Product Version.................................. 8.3.133.0
Bootloader Version............................... 1.0.20
Field Recovery Image Version..................... 7.6.101.1
Firmware Version................................. PIC 16.0
Thank you for your help and contributions.