Title: Cisco Aironet Web Administration Access Vulnerability
Severity: HIGH
Description:
Aironet Wireless Bridges are devices manufactured by Cisco Systems. Aironet Bridges provide a link between landline and wireless networks. These bridges include both a command line and web based management interface.
A vulnerability in the firmware used on certain bridges make it possible to change the configuration of the bridge. This problem affects the web-based management interface included in the firmware used on Aironet Bridges.
The web based interface allows remote users to view and alter the configuration of the bridge, even with the web-based management interface turned off. Additionally, the interface can be reached via both the wireless and landline interfaces.
This vulnerability affects the following switches:
Aironet AP4500, Aironet AP4800, Aironet BR100, Aironet BR500, Cisco Aironet AIR-BR340.
Affected Products:
- Cisco Aironet Firmware 7.0.0.x
- Cisco Aironet Firmware 8.0.07
- Cisco Aironet Firmware 8.24.0
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
