Wi-Fi gear, WLAN controllers, ISE get security patches
13 Jan 2016 at 21:23, Richard ChirgwinCisco sysadmins have a busy day ahead of them, with vulnerabilities announced in wireless LAN controllers, the Cisco Identity Services Engine, and Aironet access points.
The Aironet 1800 series flaw, CVE-2015-6336, is that old favorite: a hardcoded static password granting access to the device.
Luckily, the account with the hardwired credential doesn't have admin privilege, so Cisco reckons its exposure is limited to denial-of-service attacks. The access points that need updating are the 1830e, 1830i, 1850e and 1850i.
Full Article