05-21-2020 03:18 AM - edited 07-05-2021 12:04 PM
Hello everyone,
Regarding the vulnerability which was published through the below link, anyone can tell me me please if the versions of both WLCs that we manage are vulnerable ?
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-capwap-dos-Y2sD9uEw
because in the bug link, only the version 8.8(120.0) is mentioned.
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvq59667
Cisco controllers we manage:
WLC 1
Model: Cisco 5508 WLC (5500 serie)
Version 8.5.151.0
WLC 2
Model: Cisco 2504 WLC (2500 serie)
Version 8.5.151.0
Thank you.
Regards,
05-21-2020 05:15 AM
05-21-2020 09:47 AM
In the following table, the left column lists Cisco software releases. The center column indicates whether a release is affected by the vulnerability described in this advisory and the first release that includes the fix for this vulnerability. The right column indicates whether a release is affected by all the vulnerabilities described in this bundle of advisories and which release includes fixes for those vulnerabilities.
Cisco WLC Major Software Release | First Fixed Release for This Vulnerability | Recommended Release for All Vulnerabilities Described in This Bundle of Advisories |
---|---|---|
8.5 and earlier | 8.5.160.0 | 8.5.161.01 |
8.6 | 8.8.130.0 | 8.8.130.0 |
8.7 | 8.8.130.0 | 8.8.130.0 |
8.8 | 8.8.130.0 | 8.8.130.0 |
8.9 | 8.10.105.0 | 8.10.121.0 |
8.10 | 8.10.105.0 | 8.10.121.0 |
1. If the deployment is based on a Mobility Express controller, Cisco recommends migrating to Release 8.8.130.0.
05-22-2020 07:36 AM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: