CVE-2017-3854

Name of the Vulnerable Software and Affected Versions Cisco Wireless LAN Controller (WLC) software (affected versions not specified)

Description A vulnerability in the mesh code could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology. The issue is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could exploit this by forcing the target system to disconnect from the correct parent access point and reconnect to a rogue access point, potentially allowing control of traffic or full control of the target system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.