Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Hall of Fame Super Blue

Re: CSCvf47808 - Key Reinstallation attacks against WPA protocol - 1


@florian.hanig1 wrote:

Okay thank you.

 

So I sould upgrade to 8.3.130.0 now ?

In 8.3.130.0 are fixed all the issues ??


Hold off doing anything for a few days.  

There have been no known events where someone has managed to use this exploit.  

Community Member

Re: CSCvf47808 - Key Reinstallation attacks against WPA protocol - 1

Hello,

 

I've seen that version 8.3.131.0 is now released.

But the link to the release notes gotes to 8.3.130.

 

Is the 8.3.131 also fixed for the WPA2 KRACK attack ?

 

 

Hall of Fame Super Blue

Re: CSCvf47808 - Key Reinstallation attacks against WPA protocol - 1

Yes, 8.3.131.0 is the fix for KRACK.

Community Member

Re: CSCvf47808 - Key Reinstallation attacks against WPA protocol - 1

Okay thank you.

 

So with 8.3.131.0 I can reenable FT on my WLC and I'm safe, right ?

Or should I change any settings to be safe ?

 

Thank you.

Hall of Fame Super Blue

Re: CSCvf47808 - Key Reinstallation attacks against WPA protocol - 1


@florian.hanig1 wrote:

So with 8.3.131.0 I can reenable FT on my WLC and I'm safe, right ? 


Correct.  FT can be re-enabled.  Please see updated post below.

Highlighted
Hall of Fame Super Blue

Re: CSCvf47808 - Key Reinstallation attacks against WPA protocol - 1

Kindly delay with doing any upgrade to 8.3.130.0.  During their testing phase (after the release) they found some issues affecting non-Wave 2 APs.  They've found what the issue is and they're testing the new fix before releasing a new fix version on 23 October 2017.  

I have updated my earlier post of the ETA of the fix to reflect the new development.  

Hall of Fame Super Blue

Re: CSCvf47808 - Key Reinstallation attacks against WPA protocol - 1


@florian.hanig1 wrote:

So I sould upgrade to 8.3.130.0 now ?

In 8.3.130.0 are fixed all the issues ??


A quick update to anyone reading this thread and intending to upgrade to 8.3.132.0:
Cisco TAC has recommended anyone to HOLD OFF upgrading to 8.3.132.0. TAC has identified a Severity 1 bug which causes the controller to crash after upgrading to 8.3.132.0.
There are no reported issues in regards to other versions.

Hall of Fame Super Blue

Re: CSCvf47808 - Key Reinstallation attacks against WPA protocol - 1

Software fix for the KRACK vulnerability is now available for download. They are 8.0.152.0, 8.2.164.0, 8.3.132.0 and 8.5.105.0.
Community Member

Re: CSCvf47808 - Key Reinstallation attacks against WPA protocol - 1

Good Day,

 

Is WLC Software version 8.2.161.0 Key Reinstallation Attacks "safe"?

 

 

2918
Views
35
Helpful
23
Replies
CreatePlease to create content