By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
The vulnerability in Aironet 1100, 1200 and 1400 access points could allow an intruder sniffing a wireless network to capture encryption keys being transmitted as plain text in corporate networks using SNMP network management servers.
Companies most likely to be affected are those using the vulnerable Aironet devices with Cisco's Internetwork operating system alongside an SNMP server, with Wireless Equivalent Privacy keys for encryption enabled. If a business is using this configuration along with an option enabled in the access point which allows "SNMP traps", the device will transmit WEP keys unencrypted.
Cisco users can download a patch that fixes the flaw from the company's website. They can also disable the "snmp-server-enable-traps" option in Internetwork.
SNMP traps are alerts that devices create when events occur.