I'n Blog 之萬象真藏

In an advisory published on Thursday, Cisco warned that its Wireless Control System, or WCS, contains multiple vulnerabilities that can result in information disclosure, privilege escalation and unauthorized access to the network.

The WCS works in conjunction with Cisco Aironet lightweight access points, Cisco wireless LAN controllers and the Cisco Wireless Location Appliance by providing tools for planning and design, system configuration, location tracking, security monitoring and wireless LAN management.

Versions affected are those prior to 4.0.96.0.

In a second advisory, Cisco alerted IT managers to multiple vulnerabilities in its wireless LAN controller, routers and access points that could leave systems open to denial-of-service attacks, information disclosure and access control list changes, and could allow an attacker to gain full administrative access.

Further details of affected versions and equipment can be found in the advisory.

Cisco urged customers owning the affected products to apply the patches, which can be found on its Web site via hyperlinks in the advisories.