Af Torben B. Sørensen, 04/08/17
Cisco har lukket 14 sikkerhedshuller i en række produkter.
Sårbarhederne findes i produkter som Cisco Videoscape Distribution Suite Cache Server, Identity Services Engine, Unified Communications Manager, Smart Net Total Care Software Collector Appliance og Prime Collaboration Provisioning Tool.
De fleste af sårbarhederne har fået risikovurderingen medium. To medfører dog høj risiko. Den ene findes i Videoscape Distribution Suite for Television, den anden i Identity Services Engine.
Cisco har udsendt opdateringer, der lukker sikkerhedshullerne.
Anbefaling
Installer opdateringerne.
Links
- Cisco Videoscape Distribution Suite Cache Server Denial of Service Vulnerability
- Cisco Identity Services Engine Authentication Bypass Vulnerability
- Cisco Unified Communications Manager Directory Traversal Vulnerability
- Cisco Unified Communications Manager SQL Injection Vulnerability
- Cisco Smart Net Total Care Software Collector Appliance SQL Injection Vulnerability
- Cisco Prime Collaboration Provisioning Tool Pervasive Cross-Site Request Forgery Vulnerability
- Cisco Prime Collaboration Provisioning Tool UpgradeManager File Write Vulnerability
- Cisco Meeting Server H.264 Protocol Denial of Service Vulnerability
- Cisco Firepower System Software Secure Sockets Layer Policy Bypass Vulnerability
- Cisco Jabber Guest Server Cross-Site Scripting Vulnerability
- Cisco Finesse Reflected Cross-Site Scripting Vulnerability
- Cisco Adaptive Security Appliance Username Enumeration Information Disclosure Vulnerability
- Cisco Adaptive Security Appliance WebVPN Cross-Site Scripting Vulnerability
- Cisco Adaptive Security Appliance Authenticated Cross-Site Scripting Vulnerability
- Cisco Patches Serious Flaws in ISE, VDS TV Products, artikel fra SecurityWeek