Cisco публикува ъпдейти за защита – 03.05.2018

Cisco публикува ъпдейти, отстраняващи уязвимости в множество продукти. Нападател дистанционно би използвал някои от тези уязвимости, за да поеме контрол над засегнатата система.

CERT България препоръчва на потребителите и администраторите да се запознаят със следните съвети на Cisco и да приложат необходимите ъпдейти:

·         WebEx Advanced Recording Format – Remote Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-war

·         Prime File Upload Servlet – Path Traversal and Remote Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-prime-upload

·         Secure Access Control System – Remote Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-acs1

·         Wireless LAN Controller 802.11 Management Frame – Denial-of-Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-wlc-mfdos

·         Wireless LAN Controller IP Fragment Reassembly – Denial-of-Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-wlc-ip

·         Meeting Server – Remote Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-cms-cx

·          Aironet 1810, 1830, and 1850 Series Access Points Point-to-Point Tunneling Protocol – Denial-of-Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-ap-ptp

·         Aironet 1800, 2800, and 3800 Series Access Points Secure Shell – Privilege Escalation Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-aironet-ssh