
Vulnerabilities of a Cisco WLC 2504

Hello, a client just had their network checked and received a report with the following vulnerabilities:

 

  • Brute-force vulnerability: the page does not lock users out even after more than 10 attempts to log in with a wrong password
  • Denial of service through HTTP attack (Apache server)
  • Options mode is enabled in the Apache server
  • Vulnerability in the SSL certificate: must generate a new certificate with SHA-256 encryption or higher
  • Support of weak encryption algorithms: must eliminate Arcfour ciphers

Is there any way to remove these?

 

Thank you

4 Replies

marce1000
VIP

 

 - That depends, which software release are they running on the controller -> can they run a more recent release -> can they then verify the security checks again .... ?

M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always respond to me with ' The only thing that exceeds your brilliance is your beauty! '

They are running the software version Release 8.0.152.0, and yes, they can do an upgrade and verify the security checks again, but first they need to know which new release to put on the device.

Upgrade first and do the security check next. 

Another thing, the people who are doing the vulnerability testing should be able to provide the CVS number of said vulnerability.  

Firmware version isn't just the cause. For example, there could be a possibility that the controller isn't really configured properly for security. So reading the Best Practices could be another solution.

NOTE:  Cisco's products are constantly subjected to security testing by organizations not affiliated to Cisco.  If they find something, Cisco gets notified. 

Keith Miller
Level 1

The first vulnerability on the list could be mitigated by enforcing a user lockout if this is a local management user:

 

If it's through LDAP, then the lockout policy would need to be configured there.
