Walden Systems Geeks Corner News Cisco Aironet Access Point High-Severity Flaws Rutherford NJ New Jersey NYC New York City North Bergen County

Cisco Aironet Access Point High-Severity Flaws

Rita gives you full control of what sites your employees visit. Rita can block sites that eat up your precious bandwidth such as media streaming sites. Rita enables you full control of what sites your employees can and cannot visit. Rita gives you the ability to block undesirable sites by wildcard or by name. Rita gives you the ability to determine which computers will be blocked and which will be allowed. With Rita, you can block access to sensitive servers within your LAN.

Cisco Systems released a security update fixing critical and high-severity flaws impacting its Aironet access points. Aironet access points are entry-level wireless access points used by mid-size enterprises in their offices. The most severe flaw is a glitch that could allow unauthenticated, remote hackers to gain unauthorized access to devices giving them elevated privileges. The privileges includes the ability to view sensitive data and tamper with the device configuration. The flaw exists in Cisco's software that powers the Aironet networking APs, which allow other Wi-Fi devices to connect to a wired network.

The flaw is due to insufficient access control for certain URLs on impacted Aironet devices. A hacker could exploit this vulnerability by requesting specific URLs from an affected AP, using the AP's web-based configuration management system. Affected Aironet APs include the 1540, 1560, 1800, 2800, 3800 and 4800 series.

Another flaw is in a processing functionality in Aironet access points that specifically processes point-to-point tunneling protocol VPN packets. These are an obsolete method for implementing virtual private networks on devices. The flaw could allow an unauthenticated, remote hacker to cause an affected device to reload, resulting in a denial-of-service.

The vulnerability is due to improper resource management during Control and Provisioning of Wireless Access Points message processing. A hacker could exploit this vulnerability by sending a high volume of legitimate wireless management frames within a short time to an affected device. A successful exploit could allow the hacker to cause a device to restart unexpectedly, resulting in a DoS condition for clients associated with the APs.

Overall, Cisco issued patches for 41 vulnerabilities. The patch was released in September. Cisco released patches for 29 bugs that addressed flaws in a wide range of its products including routers and switches running the IOS XE networking software. Thirteen of the vulnerabilities revealed are rated high severity.