Example blog

Checking for incorrect passwords allows anyone to connect to Cisco WLAN checks • The Registry

Cisco on Tuesday issued a critical security advisory for its Wireless LAN Controller (WLC), which is used in various Cisco products to manage wireless networks.

A vulnerability in the software’s authentication code (bug type CWE-303) could allow an unauthenticated remote attacker to bypass authentication controls and connect to the device through its management interface.

“This vulnerability is caused due to improper implementation of the password validation algorithm,” Cisco’s advisory states. “An attacker could exploit this vulnerability by logging into an affected device with specially crafted credentials.

“A successful exploit could allow the attacker to bypass authentication and log into the device as an administrator.”

The advisory refers to the vulnerability as CVE-2022-20695 and notes that if the flaw is successfully exploited, the attacker can gain administrator privileges. Cisco assigned the vulnerability a severity rating of 10.0 out of 10.0. That’s as bad as it gets for those whose rating scale doesn’t go to 11.0, aka “the call is coming from inside the house!”

The following Cisco products are affected if they are running Cisco WLC software version 8.10.151.0 or 8.10.162.0 and the MAC filter RADIUS compatibility mode is set to Other:

  • 3504 Wireless Controller
  • 5520 wireless controller
  • 8540 Wireless Controller
  • Express Mobility
  • Virtual Wireless Controller (vWLC)

This parameter, if not overriding, can be determined by entering the show macfilter summary command in the wlc command line interface for the device.

Creating a MAC address filter on a WLC provides administrators with a way to grant or deny access to the WLAN network based on the MAC address of the client. Cisco WLCs support local MAC authentication or MAC authentication using a RADIUS server.

The advisory, while dire, outlines potential workarounds for those who don’t use MAC filters in their environment. If so, just launch the CLI and enter config macfilter radius-compat cisco at the wlc prompt.

Even for those who To do use macfilters with their Cisco equipment, the CLI provides a way out by allowing modification of the macfilter compatibility setting either cisco or free.

Keep in mind that Cisco only provides these workarounds to people unable to fix immediately. The network equipment industry wants customers to understand that it is not responsible if mitigation efforts go wrong.

“Although these workarounds have been deployed and shown to be effective in a test environment, customers should determine applicability and effectiveness in their own environment and under their own operating conditions,” the advisory warns. .

Warning machine. ®

Speaking of serious bugs, HP updated its Teradici PCoIP client this month to close a bunch of libexpat security holes as well as the OpenSSL DoS hole we covered earlier.


Source link