Cisco Cisco Aironet 1200 Access Point Notas de publicación
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
23
Release Notes for Cisco Aironet Access Points for Cisco IOS Release 12.3(8)JA
OL-8237-01
Caveats
•
CSCsc09453—Access point no longer shows channel least-congested in the running configuration
•
CSCsc33870—GUI now allows $ entry in WPA-PSK field
•
CSCsc37823—Devices now obtain IP addresses from DHCP server when WLSM and MBSSID is
enabled on the access point
enabled on the access point
•
CSCsc40764—1100 series access point no longer crashes after upgrade to Cisco Release 12.3(7)JA1
•
CSCsc41949—1300 series outdoor access point/bridge no longer crashes when processing
AiroIAPP Protocol
AiroIAPP Protocol
•
CSCsc43974—RSN capabilities IE no changes when the radio resets
•
CSCsc50962—Express Setup page now shows correct Aironet Extension settings
•
CSCsc51365—Access point no longer resets client state after receiving an authorization request
•
CSCsc54623—The dot11 wpa handshake timeout command is now available
•
CSCsc64976—HTTP server should scrub embedded HTML tags from command output
A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically
generated output, such as the output from a show buffers command, will be passed to the browser
requesting the page. This HTML code could be interpreted by the client browser and potentially
execute malicious commands against the device or other possible cross-site scripting attacks.
Successful exploitation of this vulnerability requires that a user browse a page containing dynamic
content in which HTML commands have been injected.
generated output, such as the output from a show buffers command, will be passed to the browser
requesting the page. This HTML code could be interpreted by the client browser and potentially
execute malicious commands against the device or other possible cross-site scripting attacks.
Successful exploitation of this vulnerability requires that a user browse a page containing dynamic
content in which HTML commands have been injected.
Cisco will be making free software available to address this vulnerability for affected customers.
There are workarounds available to mitigate the effects of the vulnerability. This advisory is
posted at
There are workarounds available to mitigate the effects of the vulnerability. This advisory is
posted at
.
This caveat is duplicated by CSCsc89020.
•
CSCsc68458—Native IOS LWAPP access point can now be managed by WLSE after converting to
Autonomous Mode (IOS)
Autonomous Mode (IOS)
•
CSCsc78972—sh wlccp wds mn detail command now shows VLAN info for associated clients
•
CSCsc80506—Access point no longer replies to ARP requests with 0.0.0.0
•
CSCsc94879—Access point no longer continues to stream RTP packets to a Cisco 7920 phone after
the 7920 sends a deauthentication packet to the access point
the 7920 sends a deauthentication packet to the access point
•
CSCeh26653—cdp source-interface BVI1 configuration no longer disappears after rebooting
•
CSCej75301— parser_add_link_to_list now uses chunks to avoid memory fragmentation
•
CSCek23736—Typographical errors corrected in debug dot11 beacon command
•
CSCsb14191—Traceback no longer appears when configuring over 250 login authentication lists
This caveat is duplicated by CSCsb51384.
•
CSCsb20723—Access point default behavior to limit client transmitter power has been corrected
•
CSCsb72895—Access points now support the whyReload mib command
•
CSCsc11134—Radio driver does not check for encryption required on receive
Cisco Access Points operating in Lightweight Access Point Protocol (LWAPP) mode may allow
unauthenticated end hosts to send unencrypted traffic to a secure network by sending frames from
the Media Access Control (MAC) address of an already authenticated end host.
unauthenticated end hosts to send unencrypted traffic to a secure network by sending frames from
the Media Access Control (MAC) address of an already authenticated end host.
Only the access points that are operating in LWAPP (i.e. controlled by a separate Wireless LAN
Controller) mode are affected. Access points that are running in autonomous mode are not affected.
Controller) mode are affected. Access points that are running in autonomous mode are not affected.