Cisco Aironet Access Points Unauthorized Access Vulnerability

jegan_rajappa · ‎10-24-2019

ello,

It seems Cisco secutity advisory have announced critical vulnerability on 16-Oct-2019, I have one question related to same and looking for clarify.

As per my understanding HTTP or HTTPS will be open in WAPs only when it is working in Mobility Express mode, in other modes these ports are not open, in that case these devices are not vulnerable, am I correct ?

Please advice, Thanks.

Leo Laohoo · ‎10-24-2019

What firmware is the controller running on?

jegan_rajappa · ‎10-24-2019

I have controllers running 8.0.152.0, 8.3.133.0, 8.3.143.0 and 8.5.135.0.

Leo Laohoo · ‎11-13-2019

Upgrade the firmware of the controllers -- That is the fix.

Jaderson Pessoa · ‎10-24-2019

Yes, if you do not have this ports allowed. But i will suggest you to upgrade your devices, because this can remediate headaches

Jaderson Pessoa
*** Rate All Helpful Responses ***

patoberli · ‎11-14-2019

I recommend also to upgrade the firmware to the latest stable and supported versions.
Regarding this specific security hole, it seems only 8.5.150.0 and older 8.5 versions plus 8.8.115.0 and older 8.8 releases are affected. So you only need to upgrade your 8.5.135.0 device to the latest 8.5.151.0 release. Because of many other bugs, I recommend to also upgrade all others to this 8.5.151.0 release (check compatibility Matrix in case you have some older APs running, not all are supported by 8.5.x.).

Leo Laohoo · ‎11-14-2019

Because of the latest WLC vulnerability (Cisco Wireless LAN Controller HTTP Parsing Engine Denial of Service Vulnerability, published 06 November 2019), there will be another release shortly.

If you are planning to upgrade the controller, it is better to wait for this release.