PT-2017-9992 · Cisco+1 · Cisco Aironet 2800 Series Access Point+3
Published
2017-04-07
·
Updated
2017-07-12
·
CVE-2016-9196
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco Aironet 1800, 2800, and 3800 Series Access Point platforms versions 8.2(121.0) through 8.3(102.0)
Description
A vulnerability in login authentication management could allow an authenticated, local attacker to gain unrestricted root access to the underlying Linux operating system. The attacker must have the root password to exploit this issue.
Recommendations
For versions 8.2(121.0) through 8.2(124.0), update to version 8.2(124.1) or later.
For versions 8.2(124.1) through 8.2(130.0), update to version 8.2(130.0) or later.
For versions 8.3(102.0) through 8.3(104.22), update to version 8.3(104.23) or later.
For versions 8.3(104.23) through 8.3(110.0), update to version 8.3(111.0) or later.
For all other affected versions, update to version 8.4(1.52) or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Aironet 1800 Series Access Point
Cisco Aironet 2800 Series Access Point
Cisco Aironet 3800 Series Access Point
Linux