AIR-AP2802I-E-K9 with Version 8.5.140.0 with HIGH RISK (Vulnerability) LIGHTTPD

MarcoSlama5869
Level 1

Our Vulnerability Scanner says that the Cisco AIR-AP2802I-E-K9 is a High Risk.

The reason for that is that the process Lighttpd is insecure. Lighttpd is from another vendor.

When you follow this link you can see that the vendor already fixed this problem with an update.

https://tools.cisco.com/security/center/viewAlert.x?alertId=60000 

 

But how can I fix this problem? Is Lighttpd integrated in the Cisco IOS and I have to do a Cisco update?

The other option is how can I disable Lighttpd?

The Vulnerability Scanner has the following solution suggestion: upgrade to version 1.4.54 or later of Lighttpd

How can I update Lighttpd on this access point?

3 Replies

Leo Laohoo
Hall of Fame

No idea how "accurate" the scan is. The LIGHTTPD vulnerability was discovered way back 2014 and affects only IOS-XR.

1800/2800/3800 don't run this kind of code.

Cisco IOS XR Software lighttpd TCP Session Vulnerability

@Leo Laohoo wrote:
The LIGHTTPD vulnerability was discovered way back 2014 and affects only IOS-XR.

Um, the link OP provided clearly says CVE-2019-11072, first published 2019 April 22 22:21 GMT.

Here are some more details (the link at the top doesn't work for me, as there was a space after the last 0):
https://tools.cisco.com/security/center/viewAlert.x?alertId=60000

Anyway, I don't think this is a very critical issue, unless your ME management IP is reachable from the internet. The bug doesn't show any specific impact to any Cisco products. Either they haven't yet tested the products, or indeed nothing is vulnerable.