Cisco пусна ъпдейти за защита и 18 препоръки за справяне с уязвимостите в различни продукти. Нападател дистанционно би могъл да използва някои от тези уязвимости, за да поеме контрол над засегнатите продукти.
CERT България препоръчва на потребителите и администраторите да се запознаят със съветите за сигурност на Cisco и да приложат необходимите ъпдейти.
· Linux Kernel IP Fragment Reassembly – Denial of Service Vulnerability
· Open Container Initiative runc CLI – Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190215-runc
· Cisco Prime Infrastructure – Certificate Validation Vulnerability
· Cisco Prime Collaboration Assurance Software – Unauthenticated Access Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-pca-access
· Cisco Network Convergence System 1000 Series – TFTP Directory Traversal Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-ncs
· Cisco HyperFlex Software – Command Injection Vulnerability
· Cisco HyperFlex Software – Unauthenticated Root Access Vulnerability
· Cisco HyperFlex – Arbitrary StatisticsWrite Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-hyper-write
· Cisco Hyperflex Stored – Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-hyper-xss
· Cisco HyperFlex – Unauthenticated Statistics Retrieval Vulnerability
· Cisco Webex Meetings Online Content – Injection Vulnerability
· Cisco Webex Teams for iOS – Arbitrary File Upload Vulnerability
· Cisco SPA112, SPA525, and SPA5x5 Series IP Phones – Certificate Validation Vulnerability
· Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol – Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos
· Cisco IoT Field Network Director – XML External Entity Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-iot-fnd-xml
· Cisco Firepower Threat Defense Software SSL or TLS – Denial of Service Vulnerability
· Cisco Firepower 9000 Series Firepower 2-Port 100G Double-Width Network Module Queue Wedge – Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-firpwr-dos
· Cisco Unity Connection – Reflected Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cuc-rxss