vulnerabilities on the Cisco 5508 Controllers

Prasanna Damodaran · ‎07-04-2012

getting the following vulnerabilities on the Cisco 5508 Controllers, IOS 7.0.235.0.

We upgraded the OS to 7.2.110.0, even than getting the same vulnerabilities.

Please assist.

Amjad Abdullah · ‎07-04-2012

What is the exact vulnerability? can you explain?

Rating useful replies is more useful than saying "Thank you"

Prasanna Damodaran · ‎07-04-2012

SSL Vulnerabilities

- OpenSSL SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG

Ciphersuite Disabled Cipher Issue

Amjad Abdullah · ‎07-04-2012

From what I read I think this is not related to the code version.

The web-auth certificate on the WLC is by default a self-signed certificate and this is what seems the "vulnerability" reported.

You need to use a trusted certificate from a trusted CA if you want this not to appear.

Two certificates are being used by the WLC (that are generated by the WLC itself if you do not provide one):

- web admin cert: used for HTTPS/SSH traffic when the admin opens the WLC management GUI/CLI.

- web auth cert: used for web-auth page when guest users try to connect to a guest network that uses web-auth as a L3 security method.

so it seems all your issue is not related to a software bug or leak.

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"

Prasanna Damodaran · ‎07-05-2012

Hi Amjad,

I scanned with Mcafee Foundstone, and found this vulnerabilities as informational.

But the 5508 is showing as 4402 in scan, you know why is it showing like this.

Amjad Abdullah · ‎07-05-2012

Could not get you. What is the difference between 5508 and 4402?

Sent from Cisco Technical Support iPad App

Rating useful replies is more useful than saying "Thank you"