ESB-2017.2601.3 - UPDATE [Cisco] Cisco Products: Multiple vulnerabilities 2017-10-27

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2017.2601.3
       Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi
                            Protected Access II
                              27 October 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco Products
Publisher:         Cisco Systems
Operating System:  Cisco
Impact/Access:     Access Privileged Data         -- Remote/Unauthenticated      
                   Provide Misleading Information -- Remote with User Interaction
Resolution:        Mitigation
CVE Names:         CVE-2017-13088 CVE-2017-13087 CVE-2017-13086
                   CVE-2017-13084 CVE-2017-13082 CVE-2017-13081
                   CVE-2017-13080 CVE-2017-13079 CVE-2017-13078
                   CVE-2017-13077  

Reference:         ESB-2017.2599
                   ESB-2017.2600

Original Bulletin: 
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa

Revision History:  October 27 2017: Vendor provided further updates
                   October 19 2017: Vendor provided updates
                   October 17 2017: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

High

Advisory ID: cisco-sa-20171016-wpa

First Published: 2017 October 16 14:00  GMT

Last Updated: 2017 October 25 21:18  GMT

Version 2.2: Interim

Workarounds: Yes

Cisco Bug IDs:
CSCvf71749
CSCvf71751
CSCvf71754
CSCvf71761
CSCvf96789
CSCvf96814
CSCvf96818
CSCvg10793
CSCvg35287
CSCvg42682
 
CVE-2017-13077
CVE-2017-13078
CVE-2017-13079
CVE-2017-13080
CVE-2017-13081
CVE-2017-13082
CVE-2017-13084
CVE-2017-13086
CVE-2017-13087
CVE-2017-13088
CWE-320

CVSS Score: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:X/RL:X/RC:X

Summary

  o On October 16th, 2017, a research paper with the title of "Key
    Reinstallation Attacks: Forcing Nonce Reuse in WPA2" was made publicly
    available. This paper discusses seven vulnerabilities affecting session key
    negotiation in both the Wi-Fi Protected Access (WPA) and the Wi-Fi
    Protected Access II (WPA2) protocols. These vulnerabilities may allow the
    reinstallation of a pairwise transient key, a group key, or an integrity
    key on either a wireless client or a wireless access point. Additional
    research also led to the discovery of three additional vulnerabilities (not
    discussed in the original paper) affecting wireless supplicants supporting
    either the 802.11z (Extensions to Direct-Link Setup) standard or the
    802.11v (Wireless Network Management) standard. The three additional
    vulnerabilities could also allow the reinstallation of a pairwise key,
    group key, or integrity group key.

    Among these ten vulnerabilities, only one (CVE-2017-13082) may affect
    components of the wireless infrastructure (for example, Access Points);
    the other nine vulnerabilities affect only client devices.

    Multiple Cisco wireless products are affected by these vulnerabilities.

    Cisco will release software updates that address these vulnerabilities.
    There are workarounds that address the vulnerabilities in CVE-2017-13077,
    CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, and
    CVE-2017-13082. There are no workarounds for CVE-2017-13086,
    CVE-2017-13087, and CVE-2017-13088.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa

    NOTE: Additional testing performed on October 20, 2017, resulted in the
    discovery that the software fixes for CVE-2017-13082 on Cisco Access Points
    running Cisco IOS Software may not provide complete protection. Software
    for those devices incorporating additional fixes was made available on
    October 22 and 23, 2017. See the Fixed Software section of this advisory
    for additional information on fix availability and applicability to your
    specific deployment scenario.


Affected Products

  o Cisco is investigating its product line to determine which products may be
    affected by these vulnerabilities. As the investigation progresses, Cisco
    will update this advisory with information about affected products,
    including the ID of the Cisco bug for each affected product.

    For information about whether a product is affected by these
    vulnerabilities, refer to the Vulnerable Products and Products Confirmed
    Not Vulnerable sections of this advisory. The Vulnerable Products section
    includes Cisco bug IDs for each affected product. The bugs are accessible
    through the Cisco Bug Search Tool and contain additional platform-specific
    information, including workarounds (if available) and fixed software
    releases.

    There are no Cisco products affected by the vulnerability identified by
    CVE-2017-13084.

    The following products are under active investigation to determine whether
    they are affected by the vulnerabilities that are described in this
    advisory.

    Products Under Investigation

    Routing and Switching - Small Business
      - Cisco Small Business CVR100W Wireless-N VPN Router
      - Cisco Small Business RV110W Wireless-N VPN Firewall
      - Cisco Small Business RV120W Wireless-N VPN Firewall
      - Cisco Small Business RV132W ADSL2+ Wireless-N VPN Router
      - Cisco Small Business RV134W VDSL2 Wireless-AC VPN Router
      - Cisco Small Business RV180W Wireless-N Multifunction VPN Router
      - Cisco Small Business RV215W Wireless-N VPN Router
      - Cisco Small Business RV220W Wireless Network Security Firewall
      - Cisco Small Business RV315W Wireless-N VPN Router
      - Cisco Small Business RV340W Dual WAN Gigabit Wireless AC VPN Router
    Voice and Unified Communications Devices
      - Cisco DX Series IP Phones (DX650, DX70 and DX80) running Android-based
        firmware.
      - Cisco Spark Board
   

    Vulnerable Products

    The following table lists Cisco products that are affected by one or more
    vulnerabilities described in this advisory.


    Product                        Cisco Bug  Fixed Release Availability
                                   ID
                       Endpoint Clients and Client Software
    Cisco AnyConnect Secure        CSCvg35287 v4.5.02036; available now
    Mobility Client - Network
    Access Manager
                      Routing and Switching - Small Business
    Cisco Small Business RV130W    CSCvf96827 No fix information available at
    Wireless-N Multifunction VPN              this time.
    Router
                     Voice and Unified Communications Devices
    Cisco DX Series IP Phones      CSCvf71761 9.2.1 (10-Nov-2017)
    (DX70 and DX80) when running              8.3.4 (31-Oct-2017)
    Collaboration Endpoint (CE)
    software
    Cisco IP Phone 8861            CSCvf71751 12.0.1SR1; available now
    Cisco IP Phone 8865            CSCvf71751 12.0.1SR1; available now
    Cisco Spark Room Series        CSCvf71761 9.2.1 (10-Nov-2017)
                                              8.3.4 (31-Oct-2017)
    Cisco Wireless IP Phone 8821   CSCvf71749 11.0(3)SR5; available now
                                     Wireless
                                              See the Fixed Software section of
    Cisco 1100 Series Integrated   CSCvg42682 this advisory for fix
    Services Routers                          availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco 812 Series Integrated    CSCvg42682 this advisory for fix
    Services Routers                          availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco 819 Series Integrated    CSCvg42682 this advisory for fix
    Services Routers                          availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco 829 Industrial           CSCvg42682 this advisory for fix
    Integrated Services Routers               availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco 860 Series Integrated    CSCvg42682 this advisory for fix
    Services Routers                          availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco 880 Series Integrated    CSCvg42682 this advisory for fix
    Services Routers                          availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco 890 Series Integrated    CSCvg42682 this advisory for fix
    Services Routers                          availability depending on
                                              deployment scenario.
    Cisco AP541N Wireless Access   CSCvf96821 No fix will be provided.
    Point
                                              See the Fixed Software section of
    Cisco ASA 5506W-X w/ FirePOWER CSCvg42682 this advisory for fix
    Services                                  availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1040 Series      CSCvg42682 this advisory for fix
    Access Points                             availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1140 Series      CSCvg42682 this advisory for fix
    Access Points                             availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1250 Series      CSCvg42682 this advisory for fix
    Access Points                             availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1260 Series      CSCvg42682 this advisory for fix
    Access Points                             availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1520 Series      CSCvg42682 this advisory for fix
                                              availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1530 Series      CSCvg42682 this advisory for fix
                                              availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1540 Series      CSCvg10793 this advisory for fix
    Access Points                             availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1550 Series      CSCvg42682 this advisory for fix
                                              availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1560 Series      CSCvg10793 this advisory for fix
    Access Points                             availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1570 Series      CSCvg42682 this advisory for fix
                                              availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1600 Series      CSCvg42682 this advisory for fix
                                              availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1700 Series      CSCvg42682 this advisory for fix
                                              availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1810 Series      CSCvg10793 this advisory for fix
    OfficeExtend Access Points                availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1810w Series     CSCvg10793 this advisory for fix
    Access Points                             availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1815 Series      CSCvg10793 this advisory for fix
    Access Points                             availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1830 Series      CSCvg10793 this advisory for fix
    Access Points                             availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 1850 Series      CSCvg10793 this advisory for fix
    Access Points                             availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 2600 Series      CSCvg42682 this advisory for fix
                                              availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 2700 Series      CSCvg42682 this advisory for fix
                                              availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 2800 Series      CSCvg10793 this advisory for fix
    Access Points                             availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 3500 Series      CSCvg42682 this advisory for fix
                                              availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 3600 Series      CSCvg42682 this advisory for fix
                                              availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 3700 Series      CSCvg42682 this advisory for fix
                                              availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 3800 Series      CSCvg10793 this advisory for fix
    Access Points                             availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet 700 Series       CSCvg42682 this advisory for fix
                                              availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet AP801 Access     CSCvg42682 this advisory for fix
    Point                                     availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet AP802 Access     CSCvg42682 this advisory for fix
    Point                                     availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet AP803 Access     CSCvg42682 this advisory for fix
    Point                                     availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Aironet Access Points    CSCvg42682 this advisory for fix
                                              availability depending on
                                              deployment scenario.
                                              See the Fixed Software section of
    Cisco Industrial Wireless 3700 CSCvg42682 this advisory for fix
    Series                                    availability depending on
                                              deployment scenario.
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR11              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR12              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR14              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR16              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR18              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR24              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR26              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
    Cisco Meraki MR30H             N/A        MR23.x: affected
                                              no fixes will be made available
                                              MR24.x: affected
                                              no fixes will be made available
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR32              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
    Cisco Meraki MR33              N/A        MR23.x: affected
                                              no fixes will be made available
                                              MR24.x: affected
                                              no fixes will be made available
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR34              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR42              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR52              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR53              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR58              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR62              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR66              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR72              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
    Cisco Meraki MR74              N/A        MR23.x: affected
                                              no fixes will be made available
                                              MR24.x: affected
                                              no fixes will be made available
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              MR20.x and previous releases: not
                                              affected
                                              MR21.x: affected
                                              no fixes will be made available
                                              MR22.x: affected
                                              no fixes will be made available
                                              MR23.x: affected
    Cisco Meraki MR84              N/A        no fixes will be made available
                                              MR24 up to and including MR24.10:
                                              affected
                                              first fixed in MR24.11
                                              available 16-Oct-2017
                                              MR25 up to and including MR25.6:
                                              affected
                                              first fixed in MR25.7
                                              available 16-Oct-2017
                                              See the Fixed Software section of
    Cisco Mobility Express         CSCvg10793 this advisory for fix
                                              availability depending on
                                              deployment scenario.
    Cisco WAP121 Wireless-N Access CSCvf96789 No fix information available at
    Point with Single Point Setup             this time.
    Cisco WAP125 Wireless-AC Dual             No fix information available at
    Band Desktop Access Point with CSCvf96792 this time.
    PoE
    Cisco WAP131 Wireless-N Dual   CSCvf96801 No fix information available at
    Radio Access Point with PoE               this time.
    Cisco WAP150 Wireless-AC/N                No fix information available at
    Dual Radio Access Point with   CSCvf96803 this time.
    PoE
    Cisco WAP321 Wireless-N Access CSCvf96789 No fix information available at
    Point with Single Point Setup             this time.
    Cisco WAP351 Wireless-N Dual              No fix information available at
    Radio Access Point with 5-Port CSCvf96801 this time.
    Switch
    Cisco WAP361 Wireless-AC N                No fix information available at
    Dual Radio Wall Plate Access   CSCvf96803 this time.
    Point with PoE
    Cisco WAP371 Wireless-AC N                No fix information available at
    Access Point with Single Point CSCvf96814 this time.
    Setup
    Cisco WAP551 Wireless-N Single            No fix information available at
    Radio Selectable Band Access   CSCvf96818 this time.
    Point
    Cisco WAP561 Wireless-N Dual              No fix information available at
    Radio Selectable Band Access   CSCvf96818 this time.
    Point
    Cisco WAP571 Wireless-AC N                No fix information available at
    Premium Dual Radio Access      CSCvf96820 this time.
    Point with PoE
    Cisco WAP571E Wireless-AC N               No fix information available at
    Premium Dual Radio Outdoor     CSCvf96820 this time.
    Access Point
    Cisco WAP581 Wireless-AC Dual             No fix information available at
    Radio Wave 2 Access Point with CSCvg07495 this time.
    2.5GbE LAN

    Assessing the configuration of a wireless deployment for CVE-2017-13082

    The vulnerability identified by CVE ID CVE-2017-13082 may affect only
    deployments that support the fast BSS transition (FT) feature and have it
    enabled.

    To determine whether the FT feature is enabled on a Wireless LAN Controller
    (WLC) device, administrators can log in to the device and use the show wlan
    command or the show wlan id command, depending on the device model.

    The following example shows the output of the show wlan 1 command for a
    Cisco 3500 Series Wireless Controllers device where FT is enabled on wlan
    1:

        (w-3504-2) >show wlan 1
        ...
        Security
           802.11 Authentication:........................ Open System
           FT Support.................................... Enabled

        ...

    The following example shows the output of the show wlan id 1 command for a
    Cisco 5760 Series Wireless LAN Controller device where FT is disabled on
    wlan 1:

        W-5760-2>show wlan id 1 | include FT\ Support
            FT Support                                 : Disabled

    To determine whether the FT feature is enabled on a Standalone Access Point
    running Cisco IOS, administrators can log in to the device and use the show
    running-config | include dot11r command and verify that the command returns
    output.
     
    The following example shows the output of the show running-config | include
    dot11r command for an access point that has FT enabled:

        AP#show running-config | include dot11r
        authentication key-management wpa version 2 dot11r
         

    Please note that FT is not supported on deployments running a Wireless LAN
    Controller with AireOS version 7.0 and previous releases; hence, such
    deployments are not affected by CVE-2017-13082.

    To determine which release of Cisco WLC Software is running on a device,
    administrators can use the web interface or the CLI.

    To use the web interface, log in to the web interface, click the Monitor
    tab, and then click Summary in the left pane. The Software Version field
    shows the release number of the software currently running on the device.

    To use the CLI, issue the show sysinfo command, and then refer to the value
    in the Product Version field of the command output. The following example
    shows the output of the command for a device running Cisco WLC Software
    Release 8.3.102.0:


        (5500-4) >show sysinfo
        Manufacturer's Name.............................. Cisco Systems Inc.
        Product Name..................................... Cisco Controller
        Product Version.................................. 8.3.102.0
        Bootloader Version............................... 1.0.1
        Field Recovery Image Version..................... 6.0.182.0
        Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
        Build Type....................................... DATA + WPS
        .
        .
        .


    Products Confirmed Not Vulnerable

    No other Cisco products are currently known to be affected by these
    vulnerabilities.

    Cisco wireless access points configured as part of a mesh network are not
    currently known to be affected by these vulnerabilities.

    Cisco wireless access points running any 12.4-based Cisco IOS software
    releases are not affected by these vulnerabilities.

    Cisco has confirmed that these vulnerabilities do not affect the following
    products:

    Voice and Unified Communications Devices
      - Cisco Unified IP Phone 9971
      - Cisco Unified Wireless IP Phone 7925/7926

    Wireless
      - Cisco Aironet 1130 Series Access Points running Cisco IOS Software
      - Cisco Aironet 1240 Series Access Points running Cisco IOS Software
      - Cisco Aironet 1310 series Access Points running Cisco IOS Software
      - Cisco Aironet 600 Series OfficeExtend Access Point
      - Cisco Aironet Access Points running Cisco IOS Software - client/
        supplicant/workgroup bridge mode
      - Cisco Wireless LAN Controller - controller itself


Details

  o The following vulnerabilities were disclosed in the paper:

    Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) protocols
    - pairwise key reinstallation during the 4-way handshake vulnerability

    A vulnerability in the processing of the 802.11i 4-way handshake messages
    of the WPA and WPA2 protocols could allow an unauthenticated, adjacent
    attacker to force a supplicant to reinstall a previously used pairwise key.

    The vulnerability is due to ambiguities in the processing of associated
    protocol messages. An attacker could exploit this vulnerability by
    establishing a man-in-the-middle position between supplicant and
    authenticator and retransmitting previously used message exchanges between
    supplicant and authenticator.

    This vulnerability has been assigned the following CVE ID: CVE-2017-13077

    Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) protocols
    - group key reinstallation during the 4-way handshake vulnerability

    A vulnerability in the processing of the 802.11i 4-way handshake messages
    of the WPA and WPA2 protocols could allow an unauthenticated, adjacent
    attacker to force a supplicant to reinstall a previously used group key.

    The vulnerability is due to ambiguities in the processing of associated
    protocol messages. An attacker could exploit this vulnerability by
    establishing a man-in-the-middle position between supplicant and
    authenticator and retransmitting previously used message exchanges between
    supplicant and authenticator.

    This vulnerability has been assigned the following CVE ID: CVE-2017-13078

    Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) protocols
    - integrity group key reinstallation during the 4-way handshake
    vulnerability

    A vulnerability in the processing of the 802.11i 4-way handshake messages
    of the WPA and WPA2 protocols could allow an unauthenticated, adjacent
    attacker to force a supplicant to reinstall a previously used integrity
    group key.

    The vulnerability is due to ambiguities in the processing of associated
    protocol messages. An attacker could exploit this vulnerability by
    establishing a man-in-the-middle position between supplicant and
    authenticator and retransmitting previously used message exchanges between
    supplicant and authenticator.

    This vulnerability has been assigned the following CVE ID: CVE-2017-13079

    Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) protocols
    - group key reinstallation during the group key handshake vulnerability

    A vulnerability in the processing of the 802.11i group key handshake
    messages of the WPA and WPA2 protocols could allow an unauthenticated,
    adjacent attacker to force a supplicant to reinstall a previously used
    group key.

    The vulnerability is due to ambiguities in the processing of associated
    protocol messages. An attacker could exploit this vulnerability by
    establishing a man-in-the-middle position between supplicant and
    authenticator and retransmitting previously used message exchanges between
    supplicant and authenticator.

    This vulnerability has been assigned the following CVE ID: CVE-2017-13080

    Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) protocols
    - integrity group key reinstallation during the group key handshake
    vulnerability

    A vulnerability in the processing of the 802.11i group key handshake
    messages of the WPA and WPA2 protocols could allow an unauthenticated,
    adjacent attacker to force a supplicant to reinstall a previously used
    integrity group key.

    The vulnerability is due to ambiguities in the processing of associated
    protocol messages. An attacker could exploit this vulnerability by
    establishing a man-in-the-middle position between supplicant and
    authenticator and retransmitting previously used message exchanges between
    supplicant and authenticator.

    This vulnerability has been assigned the following CVE ID: CVE-2017-13081

    Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) protocols
    - pairwise key reinstallation during the Fast BSS Transition (FT) handshake
    vulnerability

    A vulnerability in the processing of the 802.11r Fast BSS (Basic Service
    Set) Transition handshake messages of the WPA and WPA2 protocols could
    allow an unauthenticated, adjacent attacker to force an authenticator to
    reinstall a previously used pairwise key.

    The vulnerability is due to ambiguities in the processing of associated
    protocol messages. An attacker could exploit this vulnerability by
    passively eavesdropping on an FT handshake, and then replaying the
    reassociation request from the supplicant to the authenticator.

    This vulnerability has been assigned the following CVE ID: CVE-2017-13082

    Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) protocols
    - station-to-station link (STSL) Transient Key (STK) reinstallation during
    the PeerKey handshake vulnerability

    A vulnerability in the processing of the 802.11 PeerKey handshake messages
    of the WPA and WPA2 protocols could allow an unauthenticated, adjacent
    attacker to force an STSL to reinstall a previously used STK.

    The vulnerability is due to ambiguities in the processing of associated
    protocol messages. An attacker could exploit this vulnerability by
    establishing a man-in-the-middle position between the stations and
    retransmitting previously used message exchanges between stations.

    This vulnerability has been assigned the following CVE ID: CVE-2017-13084

    The following vulnerabilities, while not disclosed in the paper, were also
    found during the same research cycle:

    Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key reinstallation in the
    TDLS handshake

    A vulnerability in the processing of the 802.11z (Extensions to Direct-Link
    Setup) TDLS handshake messages could allow an unauthenticated, adjacent
    attacker to force a supplicant that is compliant with the 802.11z standard
    to reinstall a previously used TPK key.

    The vulnerability is due to ambiguities in the processing of associated
    protocol messages. An attacker could exploit this vulnerability by
    passively eavesdropping on a TDLS handshake and retransmitting previously
    used message exchanges between supplicant and authenticator.

    This vulnerability has been assigned the following CVE ID: CVE-2017-13086

    Group key (GTK) reinstallation when processing a Wireless Network
    Management (WNM) Sleep Mode Response frame

    A vulnerability in the processing of the 802.11v (Wireless Network
    Management) Sleep Mode Response frames could allow an unauthenticated,
    adjacent attacker to force a supplicant that is compliant with the 802.11v
    standard to reinstall a previously used group key.

    The vulnerability is due to ambiguities in the processing of associated
    protocol messages. An attacker could exploit this vulnerability by
    passively eavesdropping and retransmitting previously used WNM Sleep Mode
    Response frames.

    This vulnerability has been assigned the following CVE ID: CVE-2017-13087

    Integrity group key (IGTK) reinstallation when processing a Wireless
    Network Management (WNM) Sleep Mode Response frame

    A vulnerability in the processing of the 802.11v (Wireless Network
    Management) Sleep Mode Response frames could allow an unauthenticated,
    adjacent attacker to force a supplicant that is compliant with the 802.11v
    standard to reinstall a previously used integrity group key.

    The vulnerability is due to ambiguities in the processing of associated
    protocol messages. An attacker could exploit this vulnerability by
    passively eavesdropping and retransmitting previously used WNM Sleep Mode
    Response frames.

    This vulnerability has been assigned the following CVE ID: CVE-2017-13088

    NOTE: Fixes should be installed on both affected access points and wireless
    clients for a complete solution. Installing a fixed software release on an
    affected access point will fix that particular device, but will not prevent
    exploitation of any vulnerabilities affecting a wireless client. The
    converse is also true: installing a fix on a wireless client would fix that
    particular device, but would not prevent exploitation of any
    vulnerabilities affecting an access point. For a complete solution, both
    affected wireless access points and wireless clients should be updated, if
    vulnerable, to a fixed software release.

Workarounds

  o Workaround for CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,
    CVE-2017-13080 and CVE-2017-13081

    Limiting the maximum number of Extensible Authentication Protocol (EAP)
    over LAN (EAPoL) key retries to 0 has been determined to be a valid
    workaround for these vulnerabilities. Setting the EAPoL retries value to 0
    means one message will be sent, there will be no retransmissions sent, and
    if the EAPoL timeout is exceeded the client will be removed.

    This workaround can be configured at the global level or at the individual
    wireless LAN (WLAN) level. Please note that the option to configure this
    workaround at the WLAN level is only available on Cisco WLC releases 7.6
    and later. Previous releases only allow configuration at the global (all
    WLANs) level.

    In order to configure this workaround at the global level (for all WLANs),
    use the following command in the WLC CLI:

        config advanced eap eapol-key-retries 0

    The command show advanced eap can be used to verify that the configuration
    change is now active on the device (see the EAPOL-Key Max Retries line in
    the following example output):


        (wlc-hostname) >show advanced eap
        EAP-Identity-Request Timeout (seconds)........... 30
        EAP-Identity-Request Max Retries................. 2
        EAP Key-Index for Dynamic WEP.................... 0
        EAP Max-Login Ignore Identity Response........... enable
        EAP-Request Timeout (seconds).................... 30
        EAP-Request Max Retries.......................... 2
        EAPOL-Key Timeout (milliseconds)................. 1000
        EAPOL-Key Max Retries............................ 0
        EAP-Broadcast Key Interval....................... 120


    In order to configure this workaround for a specific WLAN, the following
    two commands should be entered in the WLC CLI:

        config wlan security eap-params enable WLAN-NUMBER
        config wlan security eap-params eapol-key-retries 0 WLAN-NUMBER

    Both commands must be entered, and WLAN-NUMBER should be replaced with the
    actual WLAN number. In the following example, the workaround is being
    implemented on WLAN number 24:

        config wlan security eap-params enable 24
        config wlan security eap-params eapol-key-retries 0 24


    The command show wlan WLAN-NUMBER (where WLAN-NUMBER is replaced with the
    appropriate WLAN number) can then be used to verify that the configuration
    change is now active on the device (see the EAPOL-Key Max Retries line in
    the following example output):

        (wlc-hostname) >show wlan 24
        WLAN Identifier.................................. X
        Profile Name..................................... ftpsk
        Network Name (SSID).............................. ftpsk
        .
        .
        .
          Tkip MIC Countermeasure Hold-down Timer....... 60
          Eap-params.................................... Enabled
             EAP-Identity-Request Timeout (seconds)..... 30
             EAP-Identity-Request Max Retries........... 2
             EAP-Request Timeout (seconds).............. 30
             EAP-Request Max Retries.................... 2
             EAPOL-Key Timeout (milliseconds)........... 1000
             EAPOL-Key Max Retries...................... 0


    NOTE: Implementing the previous workaround may have a negative impact on
    normal wireless client association to the access point in the following
    scenarios:
      - Clients which are slow or may drop initial processing of EAPoL message
        number 1 (M1). This is seen on some embedded/CPU-limited clients, which
        may receive the M1, and not be ready to process it after the 802.1x
        authentication phase.
      - Environments with RF (Radio Frequency) interference, or a WAN
        connection between the access point (AP) and the WLC, which may result
        in packet drops at some point on transmission towards the client.
    In either scenario the outcome would be an EAPoL exchange failure, and the
    wireless client will lose its authentication, requiring it to restart the
    association/authentication processes.

    Workaround for CVE-2017-13082

    For customers who are concerned about CVE-2017-13082 (Accepting a
    Retransmitted FT Reassociation Request and Reinstalling the Pairwise Key
    While Processing It), the workaround is as follows:
      - If no interactive applications such as Voice over IP (VoIP) or video
        are being used on the network, you can disable 11r support on the
        access point.
      - If VoIP applications are in use but the supplicants support CCKM (for
        example, Cisco Wireless Phones), you can disable 11r support and
        reconfigure the clients to use CCKM (Cisco Centralized Key Management),
        which should provide a similar roaming experience.
    NOTE: Disabling 11r support may have a negative performance and
    availability impact on the network. Customers should verify that disabling
    11r would not negatively impact their environment before making such a
    configuration change on their infrastructure devices.

    No workarounds have been identified for CVE-2017-13086, CVE-2017-13087 or
    CVE-2017-13088. Any future workarounds that address these vulnerabilities
    will be documented in the respective Cisco bugs, which are accessible
    through the Cisco Bug Search Tool.
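
    The checks described in the assessment and workaround sections above (FT
    Support state, and EAPOL-Key Max Retries at the global or WLAN level) can
    be run over saved CLI output. The following is an added example, not code
    from Cisco or AusCERT; the sample outputs are constructed in the style of
    the excerpts above, and it assumes that the WLAN-level retries value
    applies only when Eap-params is Enabled for that WLAN.

```python
import re

# Matches the two layouts quoted in the advisory:
#   "FT Support........ Enabled"    (AireOS dotted leaders)
#   "FT Support       : Disabled"   (show wlan id output)
FIELD = re.compile(r"^\s*(.+?)\s*(?::?\.{3,}|:)\s*(\S.*?)\s*$")


def parse_fields(cli_output):
    """Return {lower-cased field name: value} for each key/value line."""
    fields = {}
    for line in cli_output.splitlines():
        match = FIELD.match(line)
        if match:
            fields[match.group(1).lower()] = match.group(2)
    return fields


def assess_wlan(show_wlan, show_advanced_eap):
    """Report FT state and the effective EAPOL-Key retry count for one WLAN."""
    wlan = parse_fields(show_wlan)
    glob = parse_fields(show_advanced_eap)

    ft = wlan.get("ft support")
    ft_enabled = None if ft is None else ft.lower() == "enabled"

    # Assumption: the per-WLAN value is used only when Eap-params is Enabled
    # (the advisory requires both per-WLAN commands); otherwise global applies.
    per_wlan = wlan.get("eap-params", "").lower() == "enabled"
    scope = "wlan" if per_wlan else "global"
    raw = (wlan if per_wlan else glob).get("eapol-key max retries")
    retries = int(raw) if raw is not None and raw.isdigit() else None

    findings = []
    if ft_enabled is None:
        findings.append("FT Support line not found; FT state unknown")
    elif ft_enabled:
        findings.append("FT enabled; CVE-2017-13082 may apply to this WLAN")
    if retries is None:
        findings.append("EAPOL-Key Max Retries not found (%s scope)" % scope)
    elif retries != 0:
        findings.append("EAPOL-Key Max Retries is %d (%s scope); "
                        "retry workaround not active" % (retries, scope))

    return {
        "ft_enabled": ft_enabled,
        "eapol_key_retries": retries,
        "retries_scope": scope,
        "retry_workaround_active": None if retries is None else retries == 0,
        "findings": findings,
    }


# Constructed sample outputs, modelled on the advisory's excerpts.
SAMPLE_GLOBAL_EAP = """\
(wlc-hostname) >show advanced eap
EAP-Request Timeout (seconds).................... 30
EAP-Request Max Retries.......................... 2
EAPOL-Key Timeout (milliseconds)................. 1000
EAPOL-Key Max Retries............................ 2
EAP-Broadcast Key Interval....................... 120
"""

SAMPLE_WLAN_24 = """\
(wlc-hostname) >show wlan 24
WLAN Identifier.................................. 24
Profile Name..................................... ftpsk
Security
   802.11 Authentication:........................ Open System
   FT Support.................................... Disabled
  Eap-params.................................... Enabled
     EAPOL-Key Timeout (milliseconds)........... 1000
     EAPOL-Key Max Retries...................... 0
"""

SAMPLE_WLAN_1 = """\
(wlc-hostname) >show wlan 1
WLAN Identifier.................................. 1
Security
   802.11 Authentication:........................ Open System
   FT Support.................................... Enabled
  Eap-params.................................... Disabled
"""

if __name__ == "__main__":
    for name, text in (("wlan 24", SAMPLE_WLAN_24), ("wlan 1", SAMPLE_WLAN_1)):
        report = assess_wlan(text, SAMPLE_GLOBAL_EAP)
        print(name, report["findings"] or "no findings")
```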

Fixed Software

  o Updates for affected software releases will be published when they are
    available and information about those updates will be documented in Cisco
    bugs, which are accessible through the Cisco Bug Search Tool.

    When Cisco releases software updates that address these vulnerabilities,
    customers may only install and expect support for software versions and
    feature sets for which they have purchased a license. By installing,
    downloading, accessing, or otherwise using such software upgrades,
    customers agree to follow the terms of the Cisco software license:
    http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html

    Additionally, customers may only download software for which they have a
    valid license, procured from Cisco directly, or through a Cisco authorized
    reseller or partner. In most cases this will be a maintenance upgrade to
    software that was previously purchased. Free security software updates do
    not entitle customers to a new software license, additional software
    feature sets, or major revision upgrades.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to upgrade contain
    sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Customers Without Service Contracts

    Customers who purchase directly from Cisco but do not hold a Cisco service
    contract and customers who make purchases through third-party vendors but
    are unsuccessful in obtaining fixed software through their point of sale
    should obtain upgrades by contacting the Cisco TAC:
    http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html

    Customers should have the product serial number available and be prepared
    to provide the URL of this advisory as evidence of entitlement to a free
    upgrade.

    Fixed software availability for Cisco Wireless Access Points

    Unified Wireless Networks using Cisco Wireless LAN Controllers (WLC) and
    wireless networks using Mobility Express

    First Fixed Release as follows:


    CSCvg42682 8.0.152.0: available now
               8.2.164.0: available now
               8.3.132.0: available now
               8.5.105.0: available now
               8.6.100.0: TBD

    CSCvg10793 8.2.164.0: available now
               8.3.132.0: available now
               8.5.105.0: available now
               8.6.100.0: TBD



    NOTE: 8.0-based WLC software does not support the Cisco Wireless APs
    affected by CSCvg10793. CSCvg10793 will not be included on 8.0-based
    software releases.

    NOTE: Previously published software release 8.3.131.0 contains fixes for
    CSCvg10793 only and does not include fixes for CSCvg42682. Customers whose
    deployments are entirely composed of Wave 2 (AP-COS) wireless access points
    can download and deploy either 8.3.131.0 or 8.3.132.0 (or later) to fix
    CVE-2017-13082. Customers whose deployments include a mix of devices, some
    affected by CSCvg42682 (i.e., running Cisco IOS Software) and some affected
    by CSCvg10793 (i.e., Wave 2/AP-COS devices), or customers whose deployments
    only include devices affected by CSCvg42682 should instead download and
    install release 8.3.132.0 and later (if running an 8.3-based release) or
    any of the previously listed releases for a complete solution.

    NOTE: As of October 25, 2017, all published 8.3.13x.0 releases are impacted
    by Cisco bug ID CSCvf87731. Customers should work with their support
    provider to determine if this bug may impact their deployment and if they
    should postpone a software upgrade until a fix becomes available.
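
    The release list and the 8.0 and 8.3.131.0 notes above can be applied to a
    WLC inventory as follows. This is an added example, not Cisco or AusCERT
    code; the function names, the status labels and the "ios"/"ap-cos" family
    keys are hypothetical.

```python
# First fixed WLC releases per software train, transcribed from the list above.
# 8.6.100.0 is listed with availability "TBD", so it may not be downloadable yet.
FIRST_FIXED = {
    "CSCvg42682": {(8, 0): (8, 0, 152, 0), (8, 2): (8, 2, 164, 0),
                   (8, 3): (8, 3, 132, 0), (8, 5): (8, 5, 105, 0),
                   (8, 6): (8, 6, 100, 0)},
    # No 8.0 entry: 8.0-based software does not support the affected APs.
    "CSCvg10793": {(8, 2): (8, 2, 164, 0), (8, 3): (8, 3, 132, 0),
                   (8, 5): (8, 5, 105, 0), (8, 6): (8, 6, 100, 0)},
}
# 8.3.131.0 fixes CSCvg10793 only, although it sorts below 8.3.132.0.
EXTRA_FIXED = {"CSCvg10793": {(8, 3, 131, 0)}}
# AP software family -> bug ID, per the advisory's notes (keys are assumed names).
BUG_FOR_AP = {"ios": "CSCvg42682", "ap-cos": "CSCvg10793"}


def parse_version(text):
    """Turn '8.3.132.0' into (8, 3, 132, 0); reject anything else."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four-part WLC release: {text!r}")
    return tuple(int(p) for p in parts)


def bug_status(bug, version):
    """Return 'fixed', 'vulnerable' or 'not-listed' for one bug ID."""
    v = parse_version(version)
    if v in EXTRA_FIXED.get(bug, ()):
        return "fixed"
    first = FIRST_FIXED[bug].get(v[:2])
    if first is None:
        return "not-listed"  # train absent from the advisory's list for this bug
    return "fixed" if v >= first else "vulnerable"


def deployment_status(version, ap_families):
    """Worst status across the bugs relevant to the AP families in use."""
    per_bug = {BUG_FOR_AP[f]: bug_status(BUG_FOR_AP[f], version)
               for f in ap_families}
    for worst in ("vulnerable", "not-listed"):
        if worst in per_bug.values():
            return worst, per_bug
    return "fixed", per_bug
```

    The helper does not model the CSCvf87731 caveat for 8.3.13x.0 releases;
    that decision still goes through the support provider.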

    Converged Wireless Networks using Cisco Catalyst 3650 Series Switches,
    Cisco Catalyst 3850 Series Switches, Cisco Catalyst 4500E Supervisor Engine
    8E or Cisco 5760 Wireless LAN Controller

    First fixed release: ETA November 7th, 2017

    Autonomous Access Points

    First Fixed Release TBD


Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerabilities that are
    described in this advisory.

Source

  o These vulnerabilities were reported to Cisco by Dr. Mathy Vanhoef, PhD.
    Cisco would like to thank Dr. Vanhoef and Prof. Frank Piessens, both from
    Katholieke Universiteit Leuven, for their continued help and support during
    the handling of these vulnerabilities.

    Cisco would also like to thank John Van Boxtel from Cypress Semiconductor
    Corp, who identified an additional attack vector into CVE-2017-13077.

    Cisco collaborated with The Industry Consortium for Advancement of Security
    on the Internet (ICASI) during the investigation and disclosure of these
    vulnerabilities. More information can be found at
    http://www.icasi.org/wi-fi-protected-access-wpa-vulnerabilities.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa

Revision History

  o 
    +---------+---------------------+-----------------+---------+-----------------+
    | Version |     Description     |     Section     | Status  |      Date       |
    +---------+---------------------+-----------------+---------+-----------------+
    |         | Added additional    | Summary,        |         |                 |
    |         | workarounds.        | Products Under  |         |                 |
    |         | Updated fixed       | Investigation,  |         |                 |
    |         | software            | Vulnerable      |         |                 |
    | 2.2     | availability        | Products,       | Interim | 2017-October-25 |
    |         | information,        | Products        |         |                 |
    |         | vulnerable and      | Confirmed Not   |         |                 |
    |         | non-vulnerable      | Vulnerable,     |         |                 |
    |         | product lists.      | Workarounds,    |         |                 |
    |         |                     | Fixed Software  |         |                 |
    +---------+---------------------+-----------------+---------+-----------------+
    |         | Updated Fixed       |                 |         |                 |
    |         | Software section    |                 |         |                 |
    |         | based on additional |                 |         |                 |
    | 2.1     | software fixes now  | Summary, Fixed  | Interim | 2017-October-23 |
    |         | available for       | Software        |         |                 |
    |         | wireless access     |                 |         |                 |
    |         | points. Updated     |                 |         |                 |
    |         | Summary.            |                 |         |                 |
    +---------+---------------------+-----------------+---------+-----------------+
    |         | Updated fix         |                 |         |                 |
    |         | information for     | Heading,        |         |                 |
    |         | devices running     | Summary,        |         |                 |
    | 2.0     | Cisco IOS Software. | Vulnerable      | Interim | 2017-October-20 |
    |         | Updated Vulnerable  | Products, Fixed |         |                 |
    |         | Products, Fixed     | Software        |         |                 |
    |         | Software and        |                 |         |                 |
    |         | Summary.            |                 |         |                 |
    +---------+---------------------+-----------------+---------+-----------------+
    |         | Updated fix         |                 |         |                 |
    | 1.5     | information for bug | Fixed Software  | Interim | 2017-October-19 |
    |         | CSCvg10793.         |                 |         |                 |
    +---------+---------------------+-----------------+---------+-----------------+
    |         | Updated the         |                 |         |                 |
    |         | non-vulnerable      |                 |         |                 |
    |         | products with       |                 |         |                 |
    |         | information about   |                 |         |                 |
    |         | mesh networks and   | Vulnerable      |         |                 |
    |         | 12.4 IOS releases,  | Products,       |         |                 |
    | 1.4     | updated Fixed       | Non-Vulnerable  | Interim | 2017-October-19 |
    |         | Software section,   | Products, Fixed |         |                 |
    |         | Updated Vulnerable  | Software        |         |                 |
    |         | Products section    |                 |         |                 |
    |         | with First Fixed    |                 |         |                 |
    |         | Release             |                 |         |                 |
    |         | information.        |                 |         |                 |
    +---------+---------------------+-----------------+---------+-----------------+
    |         | Updated the Summary |                 |         |                 |
    |         | section. Updated    |                 |         |                 |
    |         | information for     | Summary,        |         |                 |
    |         | vulnerable          | Affected        |         |                 |
    | 1.3     | products. Added     | Products,       | Interim | 2017-October-18 |
    |         | section to assess   | Vulnerable      |         |                 |
    |         | wireless            | Products        |         |                 |
    |         | deployments for     |                 |         |                 |
    |         | CVE-2017-13082.     |                 |         |                 |
    +---------+---------------------+-----------------+---------+-----------------+
    |         | Updated information | Vulnerable      |         |                 |
    |         | for vulnerable and  | Products,       |         |                 |
    |         | non-vulnerable      | Non-Vulnerable  |         |                 |
    |         | products, and       | Products,       |         |                 |
    | 1.2     | products under      | Products Under  | Interim | 2017-October-17 |
    |         | investigation.      | Investigation,  |         |                 |
    |         | Updated the Details | Fixed Software, |         |                 |
    |         | and Fixed Software  | and Details     |         |                 |
    |         | sections.           | sections.       |         |                 |
    +---------+---------------------+-----------------+---------+-----------------+
    |         | Updated information | Vulnerable      |         |                 |
    |         | for vulnerable and  | Products,       |         |                 |
    | 1.1     | non-vulnerable      | Non-vulnerable  | Interim | 2017-October-16 |
    |         | products, and       | Products and    |         |                 |
    |         | products under      | Products Under  |         |                 |
    |         | investigation.      | Investigation   |         |                 |
    +---------+---------------------+-----------------+---------+-----------------+
    | 1.0     | Initial public      | --              | Interim | 2017-October-16 |
    |         | release.            |                 |         |                 |
    +---------+---------------------+-----------------+---------+-----------------+

Legal Disclaimer

  o THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND
    OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR
    FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT
    OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES
    THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. CISCO EXPECTS TO
    UPDATE THIS DOCUMENT AS NEW INFORMATION BECOMES AVAILABLE.

    A standalone copy or paraphrase of the text of this document that omits the
    distribution URL is an uncontrolled copy and may lack important information
    or contain factual errors. The information in this document is intended for
    end users of Cisco products.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================