Cisco releases security patch for Aironet


Cisco releases security patch for Aironet

Antony Adshead
Aironet wireless access point users faced a rushed upgrade following a Cisco security alert two weeks ago.

The vulnerability in Aironet 1100, 1200 and 1400 access points could allow an intruder sniffing a wireless network to capture encryption keys being transmitted as plain text in corporate networks using SNMP network management servers.

Companies most likely to be affected are those using the vulnerable Aironet devices with Cisco's Internetwork operating system alongside an SNMP server, with Wireless Equivalent Privacy keys for encryption enabled. If a business is using this configuration along with an option enabled in the access point which allows "SNMP traps", the device will transmit WEP keys unencrypted.

Cisco users can download a patch that fixes the flaw from the company's website. They can also disable the "snmp-server-enable-traps" option in Internetwork.

SNMP traps are alerts that devices create when events occur.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy