QID 317143

Date Published: 2022-04-18

QID 317143: Cisco Wireless LAN Controller Management Interface Authentication Bypass Vulnerability (cisco-sa-wlc-auth-bypass-JRNhV4fF)

A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software
could allow an unauthenticated, remote attacker to bypass authentication
controls and log in to the device through the management interface.

Affected Products
The following Cisco products are affected if they are running Cisco WLC Software Release 8.10.151.0 and later, prior to 8.10.171.0, and have macfilter radius compatibility configured as Other:

  • 3504 Wireless Controller
  • 5520 Wireless Controller
  • 8540 Wireless Controller
  • Mobility Express
  • Virtual Wireless Controller (vWLC)

Note: This is a potential detection, because the check cannot confirm that macfilter radius compatibility is configured as Other.
Mobility Express and Virtual Wireless Controller (vWLC) are not supported.

QID Detection Logic (Authenticated):
The check matches affected versions retrieved via SNMP.
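
The version-range triage this detection implies, written as an added example (not Qualys's or Cisco's own check code). The function names, verdict labels and inventory are assumptions, and treating Mobility Express and vWLC as "not checked" is this example's reading of the "not supported" note above.

```python
import re

# Range stated on the page: 8.10.151.0 and later, prior to 8.10.171.0.
FIRST_AFFECTED = (8, 10, 151, 0)
FIRST_FIXED = (8, 10, 171, 0)
# Platforms the page lists as not supported by the check.
UNSUPPORTED = {"Mobility Express", "Virtual Wireless Controller (vWLC)"}

_VERSION_RE = re.compile(r"^\d+(?:\.\d+){3}$")


def parse_release(text):
    """Return a 4-tuple of ints for a dotted release string, or None."""
    text = text.strip()
    if not _VERSION_RE.match(text):
        return None
    return tuple(int(part) for part in text.split("."))


def triage(platform, release):
    """Classify one controller using only platform and version.

    'potential' rather than 'confirmed': the version alone cannot show
    whether macfilter radius compatibility is set to Other.
    """
    if platform in UNSUPPORTED:
        return "not_checked"
    version = parse_release(release)
    if version is None:
        return "unknown_version"
    if FIRST_AFFECTED <= version < FIRST_FIXED:
        return "potential"
    return "not_affected"


# Constructed inventory (hostnames and versions are made up for the example).
INVENTORY = [
    ("wlc-a", "3504 Wireless Controller", "8.10.151.0"),
    ("wlc-b", "5520 Wireless Controller", "8.10.171.0"),
    ("wlc-c", "8540 Wireless Controller", "8.10.162.0"),
    ("wlc-d", "5520 Wireless Controller", "8.5.182.0"),
    ("wlc-e", "Virtual Wireless Controller (vWLC)", "8.10.151.0"),
    ("wlc-f", "3504 Wireless Controller", "8.10"),
]


def triage_inventory(rows):
    return {host: triage(platform, release) for host, platform, release in rows}
```

Hosts reported as "potential" still need the macfilter radius compatibility setting reviewed on the device before they are treated as confirmed.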

A successful exploit could allow the attacker to bypass authentication and log in to the device as an administrator.
The attacker could obtain privileges at the same level as an administrative user, depending on the crafted credentials.

  • CVSS V3 rated as Critical - 8.8 severity.
  • CVSS V2 rated as High - 7.5 severity.

Solution

Customers are advised to refer to cisco-sa-wlc-auth-bypass-JRNhV4fF for more information.

CVEs related to QID 317143

Software Advisories
Advisory ID: cisco-sa-wlc-auth-bypass-JRNhV4fF
Link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-auth-bypass-JRNhV4fF