Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
CERT Bulgaria encourages users and administrators to review the following advisories and apply the necessary updates:
- Cisco Catalyst SD-WAN Manager Vulnerabilities cisco-sa-sdwan-vman-sc-LRLfu2z
- Cisco IOS XE Software Web UI Command Injection Vulnerability cisco-sa-webui-cmdij-FzZAeXAy
- Cisco IOS XE Software for ASR 1000 Series Aggregation Services Routers IPv6 Multicast Denial of Service Vulnerability cisco-sa-mlre-H93FswRz
- Cisco IOS XE Software Layer 2 Tunneling Protocol Denial of Service Vulnerability cisco-sa-ios-xe-l2tp-dos-eB5tuFmV
- Cisco DNA Center API Insufficient Access Control Vulnerability cisco-sa-dnac-ins-acc-con-nHAVDRBZ
- Cisco IOS XE Software for Catalyst 3650 and Catalyst 3850 Series Switches Denial of Service Vulnerability cisco-sa-cat3k-dos-ZZA4Gb3r
- Cisco IOS XE Software Application Quality of Experience and Unified Threat Defense Denial of Service Vulnerability cisco-sa-appqoe-utd-dos-p8O57p5y
- Cisco IOS and IOS XE Software Command Authorization Bypass Vulnerability cisco-sa-aaascp-Tyj4fEJm