Cisco Warns Of Bugs In Wireless LAN Controllers - InformationWeek


Cisco Warns Of Bugs In Wireless LAN Controllers

The vulnerabilities affect Cisco Wireless LAN Controllers, but the company is offering a workaround.

Cisco Systems released a security advisory on Tuesday afternoon to address several vulnerabilities in its Wireless LAN Controllers that could enable hackers to cause a denial-of-service on the affected network.

The flaws lie in the handling of Address Resolution Protocol (ARP) packets. The advisory noted that a unicast ARP request may be flooded on the LAN links between Wireless LAN Controllers in a mobility group. A vulnerable WLC may mishandle unicast ARP requests from a wireless client, leading to an ARP storm.

The bugs affect versions 4.1, 4.0, 3.2, and prior versions of the Wireless LAN Controller software, according to the advisory.

ARP provides a mapping between a device's IP address and its hardware address on the local network. Cisco Wireless LAN Controllers provide real-time communication between lightweight access points and other wireless LAN controllers for centralized system-wide WLAN configuration and management functions, according to Cisco.
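As an added example (not from the Cisco advisory or this article), a defender reviewing captured frames could look for the symptom described above: the same unicast ARP request repeating on a link. The frame builder, MAC and IP addresses, and threshold are constructed assumptions.

```python
import struct
from collections import Counter

ETHERTYPE_ARP, ARP_REQUEST, ARP_REPLY = 0x0806, 1, 2

def parse_arp(frame):
    """Return (dst_mac, sender_mac, target_ip, opcode) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42:  # 14-byte Ethernet header + 28-byte ARP body
        return None
    dst, _src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, op, sha, _spa, _tha, tpa = struct.unpack(
        "!HHBBH6s4s6s4s", frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return dst, sha, tpa, op

def unicast_arp_repeats(frames, threshold):
    """Map (sender MAC, target IP) -> count for unicast ARP requests seen >= threshold times."""
    seen = Counter()
    for frame in frames:
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        dst, sha, tpa, op = parsed
        # Unicast destination: group bit (low bit of first octet) is clear.
        if op == ARP_REQUEST and not dst[0] & 1:
            key = (":".join(f"{b:02x}" for b in sha), ".".join(map(str, tpa)))
            seen[key] += 1
    return {k: n for k, n in seen.items() if n >= threshold}

def build_arp(dst, src, op, spa, tpa):
    """Build a constructed sample frame (test data only, nothing is sent)."""
    return struct.pack("!6s6sHHHBBH6s4s6s4s", dst, src, ETHERTYPE_ARP,
                       1, 0x0800, 6, 4, op, src, spa, bytes(6), tpa)

# Constructed capture: one client request repeated 40 times, plus normal traffic.
CLIENT, GATEWAY = bytes.fromhex("020000000001"), bytes.fromhex("0200000000fe")
C_IP, G_IP = bytes([192, 0, 2, 50]), bytes([192, 0, 2, 1])
SAMPLE = [build_arp(GATEWAY, CLIENT, ARP_REQUEST, C_IP, G_IP)] * 40
SAMPLE.append(build_arp(b"\xff" * 6, CLIENT, ARP_REQUEST, C_IP, G_IP))  # broadcast
SAMPLE.append(build_arp(CLIENT, GATEWAY, ARP_REPLY, G_IP, C_IP))        # reply

if __name__ == "__main__":
    print(unicast_arp_repeats(SAMPLE, threshold=10))
```

The count is taken over whatever capture window is supplied, so the threshold should be tuned to that window's length.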

As a workaround, Cisco is recommending that operators require all clients to obtain their IP addresses from a DHCP server. DHCP, or Dynamic Host Configuration Protocol, is a set of rules used to allow a device to obtain an IP address from a server. To enforce the workaround, all WLANs can be configured with a DHCP Required setting, which disallows client static IP addresses, Cisco noted. If DHCP Required is selected, clients must obtain an IP address via DHCP. Any client with a static IP address will not be allowed on the network. The controller monitors DHCP traffic because it acts as a DHCP proxy for the clients.

Earlier this month, Cisco released two security bulletins to warn IT managers about vulnerabilities in its Unified Communications Manager. In one advisory, Cisco noted the Unified Communications Manager, which used to be known as CallManager, contained two overflow vulnerabilities. The flaws, according to the company, could enable a remote, unauthenticated hacker to execute arbitrary and malicious code or cause a denial-of-service.
