COMMAND
Cisco
SYSTEMS AFFECTED
Cisco Aironet 340 Series Wireless Bridge
PROBLEM
The following is based on a Cisco Security Advisory. It is possible
to view and modify the bridge's configuration via the Web interface
even when Web access is disabled in the configuration. This
defect is documented as Cisco bug ID CSCdt52783. This defect is
present in the following hardware models:
* Aironet AP4500,
* Aironet AP4800,
* Aironet BR100,
* Aironet BR500,
* Cisco Aironet AIR-BR340
Firmware release 8.55 is the first image which contains the
fix. All previous firmware releases for the listed devices are
vulnerable. No other Aironet/Cisco Aironet wireless product is
affected by this vulnerability. This advisory is available at
http://www.cisco.com/warp/public/707/Aironet340-pub.shtml
The following hardware models are affected:
* Aironet AP4500,
* Aironet AP4800,
* Aironet BR100,
* Aironet BR500,
* Cisco Aironet AIR-BR340
They are vulnerable to this defect if they are running any of the
following firmware releases:
* 7.X
* 8.07
* 8.24
It is possible to view and modify the bridge's configuration
using the Web interface, despite it being explicitly disabled. This
vulnerability is exploitable over the wired and wireless link
alike.
An attacker is able to modify the bridge's configuration. It is
necessary for an attacker to obtain connectivity to the bridge.
That can be done using either the wired or the wireless Ethernet
interface.
SOLUTION
Release 8.55 is the first release in which this vulnerability is
fixed. No other Aironet/Cisco Aironet wireless products are
affected by this defect.
There is no workaround if an attack is coming from the wired Ethernet
interface. To mitigate this vulnerability if an attack is coming
over the wireless link, the following actions may be taken:
* Change the SSID to a non-guessable value
* Turn on WEP encryption if possible
* On bridges (BR100, BR500 and AIR-BR340) turn off access
point mode. That will disallow direct access to the bridge
by any client.
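
An inventory triage built from the affected models, the 8.55 fix release and the wireless mitigations listed above. This is an added example, not part of the Cisco advisory. The CSV layout, the hostnames, the OTHER-AP1 model and the integer comparison of the minor release number are assumptions.

```python
import csv
import io

# Models, fix release and mitigations come from the advisory text above.
AFFECTED = {"AP4500", "AP4800", "BR100", "BR500", "AIR-BR340"}
BRIDGES = {"BR100", "BR500", "AIR-BR340"}  # "turn off access point mode" applies here
FIXED = (8, 55)

# Constructed sample inventory; hostnames and the OTHER-AP1 model are made up.
SAMPLE = """host,model,firmware
br-roof-1,Cisco Aironet AIR-BR340,8.24
ap-lobby,Aironet AP4800,8.55
br-yard,Aironet BR500,7.X
ap-lab,Aironet AP4500,unknown
ap-other,OTHER-AP1,1.0
"""

def parse_release(text):
    """Assumption: minor compares as an integer; '7.X' is the lowest 7.x."""
    major, _, minor = text.strip().partition(".")
    if not major.isdigit():
        raise ValueError(f"unparseable firmware release: {text!r}")
    return int(major), int(minor) if minor.isdigit() else 0

def classify(model_text, firmware):
    """Return (status, actions) for one device."""
    model = (model_text.split() or [""])[-1].upper()  # drop 'Cisco Aironet'
    if model not in AFFECTED:
        return "not-affected", []
    try:
        release = parse_release(firmware)
    except ValueError:  # unknown release on an affected model: check by hand
        return "verify-firmware", ["confirm release is 8.55 or later"]
    if release >= FIXED:
        return "fixed", []
    actions = ["upgrade to 8.55 or later",
               "wireless: change SSID to a non-guessable value",
               "wireless: turn on WEP encryption if possible"]
    if model in BRIDGES:
        actions.append("wireless: turn off access point mode")
    return "vulnerable", actions

def triage(inventory_csv):
    """Map host -> (status, actions) for every row of the inventory CSV."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: classify(r["model"], r["firmware"]) for r in rows}

if __name__ == "__main__":
    for host, (status, actions) in triage(SAMPLE).items():
        print(host, status, "; ".join(actions))
```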