News

Cisco releases security patch for Aironet

Antony Adshead
Aironet wireless access point users faced a rushed upgrade following a Cisco security alert two weeks ago.

The vulnerability in Aironet 1100, 1200 and 1400 access points could allow an intruder sniffing a wireless network to capture encryption keys being transmitted as plain text in corporate networks using SNMP network management servers.

Companies most likely to be affected are those using the vulnerable Aironet devices with Cisco's Internetwork operating system alongside an SNMP server, with Wireless Equivalent Privacy keys for encryption enabled. If a business is using this configuration along with an option enabled in the access point which allows "SNMP traps", the device will transmit WEP keys unencrypted.

Cisco users can download a patch that fixes the flaw from the company's website. They can also disable the "snmp-server-enable-traps" option in Internetwork.

SNMP traps are alerts that devices create when events occur.

www.cisco.com/global/UK

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy