Welcome to Cisco Support Community. We would love to have your feedback.
For an introduction to the new site, click here. And see here for current known issues.
I see that relase 7.4(121.0) is affected by the new bashbug. Is it safe to say that previous versions of 7.4 also is affected. GNU bash 1.14 has been out for a few years.
Go to Solution.
Cisco Security Advisory has just been updated and WLC LAN controller has just been updated as product confirmed not vulnerable.
How do you understand the "Devices with default configuration" condition? To me, that suggests, out of the box, what is it referring to? Any ideas? Thanks.
"This code is not exploitable, and not exposed on currently shipping versions."
But which versions are affected is still not mentioned.
Known Affected Releases: (3)7.4(121.0)7.6(130.0)8.0(100.0)
This should tell you that WLC code (AireOS) incorporates bash and thus all versions are vulnerable to Shellshock. However, it does not appear to be currently exploitable.
As mentioned by wifi yogi only 7.4,7.6 and 8.0 are affected however you should not be worried.
Because as per vulnerability you should should be able to do have SSH access(Bash) device however in WLC only CLI access is available thus it can not be exploited.
So you should NOT be worried and when a patched code is available you can transfer over to that code.
Thank you for the update.