The official site for Saudi CERT
Cisco Updates
2824
Warning Date
Severity Level
Warning Number
Target Sector
16 April, 2020
● High
2020-1149
All
Description:
Cisco has released security updates to address multiple vulnerabilities in the following products :
- UCM SME
- Cisco IoT Field Network Director if it is running a software release earlier than Release 4.6
- Aironet 1540 Series Access Points
- Aironet 1560 Series Access Points
- Aironet 1800 Series Access Points
- Aironet 2800 Series Access Points
- Aironet 3800 Series Access Points
- Aironet 4800 Series Access Points
- Catalyst IW6300 Access Points
- 6300 Embedded Services Access Points
- Cisco Webex Meetings sites — All Webex Network Recording Player and Webex Player releases earlier than Release WBS 39.5.18 or Release WBS 40.2
- Cisco Webex Meetings Online sites — All Webex Network Recording Player and Webex Player releases earlier than Release 1.3.48
- Cisco Webex Meetings Server — All Webex Network Recording Player releases earlier than Release 4.0MR3
- Cisco devices if they are running a vulnerable release of Cisco WLC Software and have at least one WLAN with the HotSpot2.0 feature enabled
- Cisco UCS Director
- Cisco UCS Director Express for Big Data
- IP Phone 7811, 7821, 7841, and 7861 Desktop Phones
- IP Phone 8811, 8841, 8845, 8851, 8861, and 8865 Desktop Phones
- Unified IP Conference Phone 8831
- Wireless IP Phone 8821 and 8821-EX
Threats:
- Denial of service attack (DoS)
- Cross-site request forgery (CSRF)
- Execute arbitrary code
Best practice and Recommendations:
The CERT team encourages users to apply the necessary updates according to the link below:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-taps-path-trav-pfsFO93r
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-dos-5ZLs6ESz
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iot-coap-dos-WTBu6YTq
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mob-exp-csrf-b8tFec24
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-player-Q7Rtgvby
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-capwap-dos-Y2sD9uEw
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-gas-dos-8FsE3AWH
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phones-rce-dos-rB6EeRXs
Rate the content
Share the page
