By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
The vulnerability in Aironet 1100, 1200 and 1400 access points could allow an intruder sniffing a wireless network to capture encryption keys being transmitted as plain text in corporate networks using SNMP network management servers.
Companies most likely to be affected are those using the vulnerable Aironet devices with Cisco's Internetwork operating system alongside an SNMP server, with Wireless Equivalent Privacy keys for encryption enabled. If a business is using this configuration along with an option enabled in the access point which allows "SNMP traps", the device will transmit WEP keys unencrypted.
Cisco users can download a patch that fixes the flaw from the company's website. They can also disable the "snmp-server-enable-traps" option in Internetwork.
SNMP traps are alerts that devices create when events occur.