The following table lists Cisco products that are affected by the vulnerability described in this advisory:
Product | Cisco Bug ID | Fixed Release Availability |
---|---|---|
Cisco 1540 Aironet Series Outdoor Access Points | CSCvk44163 | 8.8.100.0 |
Cisco 1800i Aironet Access Points | CSCvk44163 | 8.8.100.0 |
Cisco 1810 Aironet Access Points | CSCvk44163 | 8.8.100.0 |
Cisco 1815i Aironet Access Points | CSCvk44163 | 8.8.100.0 |
Cisco 1815m Aironet Access Points | CSCvk44163 | 8.8.100.0 |
Cisco 1815w Aironet Access Points | CSCvk44163 | 8.8.100.0 |
Cisco 4800 Aironet Access Points | CSCvk44163 | 8.8.100.0 |
Meraki MR30H AP | N/A | MR 25.13 and later |
Meraki MR33 AP | N/A | MR 25.13 and later |
Meraki MR42E AP | N/A | MR 25.13 and later |
Meraki MR53E AP | N/A | MR 25.13 and later |
Meraki MR74 | N/A | MR 25.13 and later |
Determining if the Cisco Aironet Access Point Supports BLE
Cisco Aironet Access Points first supported the BLE feature in software release 8.7, which means an Access Point is only vulnerable if running software release 8.7.102.0 or 8.7.106.0. To determine if a device supports BLE, the administrator can issue the show controllers bleRadio 0 interface command. If the command is not recognized or the error message BLE not supported on this platform is displayed, the Access Point does not support BLE and is considered not vulnerable.
ap# show controllers bleRadio 0 interface
% Unrecognized command
ap# show controllers bleRadio 0 interface
BLE not supported on this platform
Determining if the Cisco Aironet Access Point with BLE Support is Vulnerable
If a Cisco Aironet Access Point does support BLE, it is only vulnerable if BLE is active and BLE scan mode is enabled (BLE scan mode is disabled by default). The administrator can issue the show controllers bleRadio 0 interface command; if the Device Status is Unknown, the Access Point is not vulnerable.
ap# show controllers bleRadio 0 interface
Active BLE host interface : /dev/ttyMSM1
Device Status : Unknown
Device resets : 0
Heart beat status : Off
Cisco Aironet Access Points have BLE scan mode disabled by default. The administrator can issue the show controllers bleRadio 0 timers command; if the Scan timer status is Not Running, the Access Point is not vulnerable.
ap# show controllers bleRadio 0 timers
Timers
------
Scan timer status : Not Running
In addition, if the administrator issues the show controllers bleRadio 0 scan brief command and no entries are displayed, the Access Point is not vulnerable.
ap# show controllers bleRadio 0 scan brief
Profile MAC RSSI(-dBm) RSSI@1meter(-dBm) Last-heard
Determining the Cisco Wireless LAN Controller Software Release
To determine which Cisco Wireless LAN Controller (WLC) Software release is running on a device, administrators can use the controller’s web interface or the CLI.
To use the web interface, do the following:
- In a browser, log in to the controller’s web interface
- Click the Monitor tab
- Click Summary in the left pane
- Under Controller Summary, the Software Version field shows the release number of the software that is currently running on the device
To use the CLI, log in to the controller via Telnet, issue the show sysinfo command, and then refer to the value in the Product Version field of the command output. The following example shows the command output for a device that is running Cisco WLC Software Release 8.7.106.0:
(wlc)> show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 8.7.106.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS
.
.
.
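The Aironet checks above, combined into one triage function over captured CLI output. This is an added example, not part of the Cisco advisory. The names `field`, `scan_entries` and `assess`, the verdict strings, and the samples marked as constructed are assumptions, and Meraki devices are out of scope.

```python
import re

# Releases the advisory names as the only vulnerable Aironet releases.
AFFECTED_RELEASES = {"8.7.102.0", "8.7.106.0"}

def field(output, name):
    """Value of a 'Name : value' or 'Name....... value' line, or None if absent."""
    m = re.search(rf"^[ \t]*{re.escape(name)}[ \t]*[:.]+[ \t]*(\S.*?)[ \t]*$",
                  output, re.M | re.I)
    return m.group(1) if m else None

def scan_entries(scan_out):
    """Rows printed under the 'Profile MAC ...' header; None if the header is missing."""
    lines = [ln.strip() for ln in scan_out.splitlines()]
    for i, line in enumerate(lines):
        if line.startswith("Profile"):
            return [ln for ln in lines[i + 1:] if ln and not ln.startswith("ap#")]
    return None  # command output not captured: do not treat as "no entries"

def assess(sysinfo, interface, timers, scan):
    """Apply the advisory's checks in order; return (verdict, reason)."""
    release = field(sysinfo, "Product Version")
    if release and release not in AFFECTED_RELEASES:
        return "not vulnerable", f"release {release} is not an affected 8.7 release"
    if "Unrecognized command" in interface or "BLE not supported" in interface:
        return "not vulnerable", "platform does not support BLE"
    if (field(interface, "Device Status") or "").lower() == "unknown":
        return "not vulnerable", "BLE device status is Unknown"
    if (field(timers, "Scan timer status") or "").lower() == "not running":
        return "not vulnerable", "BLE scan timer is not running"
    if scan_entries(scan) == []:
        return "not vulnerable", "BLE scan table is empty"
    return "review", "no exclusion matched; plan the upgrade to the fixed release"

# Outputs as shown in the advisory text above (abridged).
SYSINFO = "Product Name..... Cisco Controller\nProduct Version.................................. 8.7.106.0\n"
INTERFACE = ("ap# show controllers bleRadio 0 interface\n"
             "Active BLE host interface : /dev/ttyMSM1\nDevice Status : Unknown\n")
# Constructed samples for the opposite case (illustrative values, not real device output).
INTERFACE_UP = INTERFACE.replace("Unknown", "Open")
TIMERS_UP = "Timers\n------\nScan timer status : Running\n"
SCAN_UP = ("Profile MAC RSSI(-dBm) RSSI@1meter(-dBm) Last-heard\n"
           "iBeacon 00:11:22:33:44:55 70 65 0000D:00H:00M:05S ago\n")

if __name__ == "__main__":
    print(assess(SYSINFO, INTERFACE, "", ""))
    print(assess(SYSINFO, INTERFACE_UP, TIMERS_UP, SCAN_UP))
```

A `review` verdict only means none of the advisory's exclusions matched; a missing capture (empty string) is never counted as an exclusion.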
Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability.
Cisco has confirmed that this vulnerability does not affect the following Cisco products:
- Aironet 1800s Active Sensor
- Aironet 1815t Series Access Points
- Aironet 1830 Series Access Points
- Aironet 1850 Series Access Points
- Aironet 2800 Series Access Points
- Aironet 3800 Series Access Points
- Aironet Access Points - Running Cisco IOS Software
from Cisco Security Advisory https://ift.tt/2qoyFuW