Guest

Preview Tool

Cisco Bug: CSCvs29183 - WLC still shows weak SSH encryption algorithms with encryption high enabled

Last Modified

Dec 18, 2019

Products (1)

  • Cisco 5500 Series Wireless Controllers

Known Affected Releases

8.10(105.0) 8.5(140.0) 8.5(151.0) 8.8(120.0)

Description (partial)

Symptom:
It is expected that the option "config network ssh cipher-option high" would remove the weak algorithms from WLC list of supported algorithms for SSH connections.
However, if we do a ssh scan using a tool like nmap, the WLC lists exactly the same algorithms before and after applying the command and rebooting the WLC.

Customers expect that the weak algorithms to be removed from the WLC supported algorithms list after enabling high ciphers for SSH connections.

Conditions:
The WLC CLI command "config network ssh cipher-option high" is configured.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.