发布日期：2013-01-23
更新日期：2013-01-24

受影响系统：

Cisco Wireless LAN Control 7.2
Cisco Wireless LAN Control 7.1
Cisco Wireless LAN Control 7.0

不受影响系统：

Cisco Wireless LAN Control 7.2.103.0
Cisco Wireless LAN Control 7.1.91.0
Cisco Wireless LAN Control 7.0.220.0

描述：

---

BUGTRAQ  ID: 57524
CVE(CAN) ID: CVE-2013-1105

Cisco WLC 负责全系统的无线LAN功能，例如安全策略、入侵保护、RF管理，服务质量和移动性。

Cisco WLC设备存在未授权访问漏洞，即使禁用了“management over wireless”功能，经过身份验证的攻击者可通过SNMP查看并修改受影响Cisco WLC的配置。

<*来源：Cisco
  
  链接：http://seclists.org/fulldisclosure/2013/Jan/208
        http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130123-wlc
*>

建议：

---

厂商补丁：

Cisco
-----
Cisco已经为此发布了一个安全公告（cisco-sa-20130123-wlc）以及相应补丁:

cisco-sa-20130123-wlc：Multiple Vulnerabilities in Cisco Wireless LAN Controllers
链接：http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130123-wlc

浏览次数：3819
严重程度：0（网友投票）