Cisco Unauthorized Access Vulnerability
Cisco has just released an advisory for a security vulnerabilty affecting WLCs with code 7.6, 8.0 and 8.1: cisco-sa-20160113-wlc
The bug may allow an attacker to compromise the controller and change its configuration. The bug was found by Cisco and the release states no known malicious code currently exploits the vulnerability.
The affected controllers include the Cisco controllers : 2500, 5500, 8500, 7500 and the virtual WLCs. Older WLCs, such as the 2100 and 4400 series controllers are not affected.
For fixes, contact TAC for the 7.6 train, or upgrade version 8.0 to 220.127.116.11 and 8.1 to version 18.104.22.168.
Cisco have listed specific details on their website and the full advisory can be found here. The screen shot below provides some high level information: