Cisco IOS XE Wireless Controller Software Lobby Ambassador User Deletion Vulnerability

Vulnerability

A vulnerability exists in the lobby ambassador web interface of Cisco IOS XE Wireless Controller Software, allowing authenticated, remote attackers to delete arbitrary users from an affected device. This issue arises from inadequate access control for actions performed by lobby ambassador users. Exploitation requires logging in with a lobby ambassador account, which is not enabled by default, and sending crafted HTTP requests to the API. Successful exploitation could result in the deletion of user accounts, including those with administrative rights.

Impact

Exploitation of this vulnerability could lead to the unauthorized deletion of user accounts on the device, including accounts with administrative privileges.

Remediation

Cisco has released software updates to address this vulnerability. Instructions for upgrading can be found on the Cisco Security Advisories page. To determine exposure to this vulnerability, users can consult the Cisco Software Checker tool.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 5.7
impact: 2.5
exploitability: 4.9
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.