Cisco публикува ъпдейти, отстраняващи уязвимости в сигурността на множество свои продукти. Нападател дистанционно би могъл да използва някои от тези уязвимости, за да поеме контрол над засегнатата система.
CERT България препоръчва на потребителите и администраторите да се запознаят със съветите за сигурност на страницата на Cisco и да инсталират необходимите ъпдейти.
- Industrial Network Director Remote Code Execution Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-ind-rce
- Unified Communications Manager IM&P Service, Cisco TelePresence VCS, and Cisco Expressway Series Denial of Service Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-cucm-imp-dos
- Webex Meetings Server Information Disclosure Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-webexmeetings-id
- TelePresence Video Communication Server and Cisco Expressway Series Server-Side Request Forgery Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-vcs
- Unified Computing System BIOS Signature Bypass Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-ucs-biossig-bypass
- IOS XR Software Secure Shell Authentication Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-ssh
- Industrial Network Director Stored Cross-Site Scripting Vulnerability – https://www.us-cert.gov/ncas/current-activity/2019/06/05/Cisco-Releases-Security-Updates-Multiple-Products
- Industrial Network Director Cross-Site Request Forgery Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-ind-csrf
- Enterprise Chat and Email Cross-Site Scripting Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-ece-xss