Cisco Support Community
Community Member

Vulnerability (Unauthorized Access Vulnerability (CSCtu56709))

Good day,

I was wondering if someone can tell me when you can leave a more stable release for the vulnerability (Unauthorized Access Vulnerability (CSCtu56709)).

I have 6 wireless controllers with the affected version (4402 controllers and one 3750).

In the security advisory, Cisco indicates that I have to migrate from version 7.0.98.218 to version 7.0.220.4, but at times I have had problems with one of these releases, because the release had a bug, there was no patch for it, and I had to do a rollback.

Has somebody already tested this release?

4 REPLIES
Community Member


Tiago,

Thanks for taking the time out to try our tool. We have reached out to the concerned engineering team on your query. We should be able to get back to you with their inputs.

Thanks,

Deepika

Community Member


Hi Deepika,

This vulnerability exists if CPU-based access control lists (ACLs) are configured in the wireless controller. An attacker can exploit this vulnerability by connecting to the controller over TCP port 1023.

But how does the hacker (attacker) discover and connect to the controller interface when the IP range configured in the ACL is different from the management IP of the parent?

Example:

Controller IP = 10.0.240.250

IP client wireless (free) = 172.16.20.47 --> (wireless guest)

1st ACL: deny any IP to the target 172.16.0.0

I tested connecting my iPad to the controller IP with telnet on port 1023, but the connection gives me an error.

For my security, I disabled wireless management on the controllers...

So is there a possibility of the hacker accessing the controller?

Community Member


Tiago,

The engineering team got back to us saying that the trigger for this is a CPU ACL applied on the WLC (4400/foxhound/wism). If there is a permit any/any rule, it overrides the port 1023 rule and allows it. So, if your controllers have the permit any/any rule applied when CPU ACLs are present, that is, if you have such a rule, then those controllers will be affected.

Thanks,
Deepika
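
An added example, not part of the original thread and not Cisco tooling: a Python check of the condition described in the reply above (a CPU ACL applied together with a permit any/any rule), run over an exported rule listing. The listing layout, `SAMPLE` and all function names are assumptions made for this example, not actual WLC output.

```python
import re

# Constructed sample in a simplified layout assumed for this example
# (index, source, destination, protocol, src ports, dst ports, action).
SAMPLE = """\
cpu-acl: enabled
1 172.16.0.0/255.255.0.0 0.0.0.0/0.0.0.0 tcp 0-65535 1023-1023 deny
2 0.0.0.0/0.0.0.0 0.0.0.0/0.0.0.0 any 0-65535 0-65535 permit
"""

ANY_NET = {"0.0.0.0/0.0.0.0", "any"}
ANY_PORTS = {"0-65535", "any"}
RULE = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(permit|deny)$")


def parse(text):
    """Return (cpu_acl_enabled, rules) parsed from the simplified listing."""
    enabled, rules = False, []
    for raw in text.splitlines():
        line = raw.strip().lower()
        if line.startswith("cpu-acl:"):
            enabled = line.split(":", 1)[1].strip() == "enabled"
        elif (m := RULE.match(line)):
            keys = ("index", "src", "dst", "proto", "sport", "dport", "action")
            rules.append(dict(zip(keys, m.groups())))
    return enabled, rules


def is_permit_any_any(rule):
    """True for a rule permitting every source, destination, protocol and port."""
    return (rule["action"] == "permit" and rule["proto"] == "any"
            and rule["src"] in ANY_NET and rule["dst"] in ANY_NET
            and rule["sport"] in ANY_PORTS and rule["dport"] in ANY_PORTS)


def assess(text):
    """Classify one controller against the condition stated in the reply."""
    enabled, rules = parse(text)
    if not enabled:
        return ("no-cpu-acl", [])  # the stated trigger (a CPU ACL) is absent
    hits = [int(r["index"]) for r in rules if is_permit_any_any(r)]
    # The reply only says when a controller is affected; a CPU ACL without
    # permit any/any is reported separately rather than declared safe.
    return ("trigger-present", hits) if hits else ("cpu-acl-only", [])


if __name__ == "__main__":
    print(assess(SAMPLE))
```
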
Community Member


OK...

In the access control list I have 2 ACLs configured... but I have CPU ACL disabled!

So there is no possibility of the controllers being affected? Correct?!


Thanks,