
New Member

WLC - Bash ShellShock Security Bug

Cisco has said that the WLCs are vulnerable; I am trying to understand how much and in what scenario.

From what I have read only CGI pages are vulnerable, so I guess that a WLC can't be compromised without a valid authentication in the GUI.

I have run some tests on a LAMP server and I can run code on it via the exploit, but when I run the test on the login page of the WLC I can't run the command (ping x.x.x.x).

So it seems that although the bash has the vulnerability it can't be exploited via web, at least not before a user is authenticated or at least not the way I am testing...

PS - I haven't tested the guest portal login and logout page for this vulnerability.

So the big question is: can we live with the WLC in production without restrictions until a patch comes?

Can we use the Guest authentication portal?


Accepted Solutions
Gold

WLC evaluation for CVE-2014-6271 and CVE-2014-7169
CSCur02981
Symptoms:
The Cisco Wireless LAN Controller includes a version of bash that is affected by the vulnerabilities
identified by the Common Vulnerability and Exposures (CVE) IDs:

CVE-2014-6271
CVE-2014-7169

This code is not exploitable, and not exposed on currently shipping versions.



Conditions:
Devices with default configuration.

Workaround:
None needed

Further Problem Description:

PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2
score. The Base and Temporal CVSS scores as of the time of evaluation
are 7.5/7.5:

https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:U/RC:C

The Cisco PSIRT has assigned this score based on information obtained
from multiple sources. This includes the CVSS score assigned by the
third-party vendor when available. The CVSS score assigned may not
reflect the actual impact on the Cisco Product.

Additional information on Cisco's security vulnerability policy can be
found at the following URL:

http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html

Last Modified: Sep 26, 2014
Status: Open
Severity: 3 Moderate
Product: Cisco 5500 Series Wireless Controllers
Known Affected Releases (3): 7.4(121.0), 7.6(130.0), 8.0(100.0)
2 REPLIES
New Member

https://supportforums.cisco.com/discussion/12311161/gnu-bashbug-cscur02981

 

Vulnerable but not currently exploitable.
