Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), 8.1(112.4), and 8.1(15.14) have a default account, which makes it easier for remote malicious users to obtain access via unspecified vectors, aka Bug ID CSCuw58062.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco aironet_access_point_software 7.4_base |
||
cisco aironet_access_point_software 7.3_base |
||
cisco aironet_access_point_software 8.1\\(112.4\\) |
||
cisco aironet_access_point_software 8.1\\(112.3\\) |
||
cisco aironet_access_point_software 7.2_base |
||
cisco aironet_access_point_software 8.1\\(15.14\\) |
Wi-Fi gear, WLAN controllers, ISE get security patches
Cisco sysadmins have a busy day ahead of them, with vulnerabilities announced in wireless LAN controllers, the Cisco Identity Services Engine, and Aironet access points. The Aironet 1800 series flaw, CVE-2015-6336, is that old favorite: a hardcoded static password granting access to the device. Luckily, the account with the hardwired credential doesn't have admin privilege, so Cisco reckons its exposure is limited to denial-of-service attacks. The access points that need updating are the 1830e, ...