cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1768
Views
0
Helpful
5
Replies

vulnerabilities on the Cisco 5508 Controllers

getting the following vulnerabilities on the Cisco 5508 Controllers, IOS 7.0.235.0.

We upgraded the OS to 7.2.110.0, even than getting the same vulnerabilities.

Please assist.

5 Replies 5

Amjad Abdullah
VIP Alumni
VIP Alumni

What is the exact vulnerability? can you explain?

Rating useful replies is more useful than saying "Thank you"

SSL Vulnerabilities

- OpenSSL SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG

Ciphersuite Disabled Cipher Issue

  • •-         SSL Certificate Cannot Be Trusted
  • •-         SSL Self-Signed Certificate

From what I read I think this is not related to the code version.

The web-auth certificate on the WLC is by default a self-signed certificate and this is what seems the "vulnerability" reported.

You need to use a trusted certificate from a trusted CA if you want this not to appear.

Two certificates are being used by the WLC (that are generated by the WLC itself if you do not provide one):

- web admin cert: used for HTTPS/SSH traffic when the admin opens the WLC management GUI/CLI.

- web auth cert: used for web-auth page when guest users try to connect to a guest network that uses web-auth as a L3 security method.

so it seems all your issue is not related to a software bug or leak.

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"

Hi Amjad,

I scanned with Mcafee Foundstone, and found this vulnerabilities as informational.

But the 5508 is showing as 4402 in scan, you know why is it showing like this.

Could not get you. What is the difference between 5508 and 4402?

Sent from Cisco Technical Support iPad App

Rating useful replies is more useful than saying "Thank you"
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: