Wednesday, May 2, 2018

Cisco Aironet Access Points Central Web Authentication FlexConnect Client ACL Bypass Vulnerability

A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect access control list (ACL).

The vulnerability is due to the AP ignoring the ACL download from the client during authentication. An attacker could exploit this vulnerability by connecting to the targeted device with a vulnerable configuration. A successful exploit could allow the attacker to bypass a configured client FlexConnect ACL.

There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-acl
Security Impact Rating: Medium
CVE: CVE-2018-0250

from Cisco Security Advisory https://ift.tt/2w6uiKW

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.