07-01-2015 07:46 AM - edited 07-05-2021 03:29 AM
Hi,
I have Cisco 2500 (2504) & 5500 (5508) series wireless controllers running with the IOS version '7.2.111.3' , want to understand whether this series is still vulnerable with SSLv3 or do we need have any remediation plans?
Will appreciate your quick reply.
Thanks,
Sajin P
Solved! Go to Solution.
07-03-2015 07:50 AM
07-01-2015 01:37 PM
yes , wlcs are impacted by this Vul ,
please see this bug which opened in this regards :
https://tools.cisco.com/bugsearch/bug/CSCur27551
u will find all the info you will need,
but please note that the SSLv3 is no secured ,and it's vulnerability affect all products (cisco/non-cisco) , so disable it where ever u see it , on cisco and non-cisco , on servers and clients.
http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118620-technote-esa-00.html
i hope that answer your question
07-03-2015 03:48 AM
Thanks for your reply Ali,
I am running 7.2.111.3 in my WLC, However my WLC is not accepting following commands "fipsconfig & sslconfig" to check current running SSL version.
Is there any commands to identify the running SSL versions? My GUI is running with SSLV3 I would need to change that as well to TLS V1.
Thanks,
Sajin P | +91-9916709992
07-03-2015 07:50 AM
show network summary will show you the SSL versions enabled ,
07-05-2015 12:56 PM
Thanks Ali, I can see I am running with SSL V2 on all the WLC devices. So, is that version also impacted with vulnerability & we would need to move to TLS V1 ?
RF-Network Name............................. admin-1
Web Mode.................................... Disable
Secure Web Mode............................. Enable
Secure Web Mode Cipher-Option High.......... Disable
Secure Web Mode Cipher-Option SSLv2......... Enable
OCSP........................................ Disabled
OCSP responder URL..........................
Secure Shell (ssh).......................... Enable
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: