The April 15, 2020, release of the Cisco Aironet AP, Mobility Express, and WLC Software Security Advisory Bundled Publication includes four Cisco Security Advisories that describe four vulnerabilities in Cisco Aironet Access Points (AP), Mobility Express, and Wireless LAN Controller (WLC) Software. Cisco has released software updates that address these vulnerabilities.
All four vulnerabilities have a Security Impact Rating (SIR) of High. Successful exploitation of the vulnerabilities could allow an attacker to conduct a cross-site request forgery attack or cause a denial of service (DoS) condition on an affected device.
Two vulnerabilities affect Cisco WLC Software, one vulnerability affects only Cisco Aironet AP Software, and one vulnerability affects only Cisco Mobility Express Software.