Description:

Cisco has released security updates to address multiple vulnerabilities in the following products:

• CiCisco SD-WAN vManage
• Cisco HyperFlex HX
• Cisco SD-WAN software:
  • SD-WAN vBond Orchestrator Software
  • SD-WAN vEdge Cloud Routers
  • SD-WAN vEdge Routers
  • SD-WAN vManage Software
  • SD-WAN vSmart Controller Software
• Cisco SD-WAN vEdge Software:
  • SD-WAN vEdge Cloud Routers
  • SD-WAN vEdge Routers
• WAP125 Wireless-AC Dual Band Desktop Access Point with PoE
  • 1.0.3.1 and earlier
• WAP131 Wireless-N Dual Radio Access Point with PoE
  • 1.0.2.17 and earlier
• WAP150 Wireless-AC/N Dual Radio Access Point with PoE
  • 1.1.2.4 and earlier
• WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch
  • 1.0.2.17 and earlier
• WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE
  • 1.1.2.4 and earlier
• WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN
  • 1.0.3.1 and earlier
• Cisco Enterprise NFV Infrastructure Software (NFVIS)
  • releases earlier than 4.5.1
• Cisco Unified Communications Manager IM & Presence Service
• Cisco devices if they are running a vulnerable release of Cisco AnyConnect Secure Mobility Client for Windows

Threats:

Attacker could exploit these vulnerabilities by doing the following:

• Denial of service (DoS)
• Elevate privileges
• Execute arbitrary code

Best practice and Recommendations:

The CERT team encourages users to review Cisco security advisory and apply the necessary updates:

• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-vmanage-4TbynnhZ
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hyperflex-rce-TjjNrkpR
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-dos-Ckn5cVqW
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-buffover-MWGucjtO
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-auth-bypass-65aYqcS2
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-multi-ZAfKGXhF
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nfvis-cmdinj-DkFjqg2j
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imp-inj-ereCOKjR
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-code-exec-jR3tWTA6
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-xss-mVjOWchB
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-waas-infdisc-Twb4EypK
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-xss-eN75jxtW
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-enumeration-64eNnDKy
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucm-dos-OO4SRYEf
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tp-rmos-fileread-pE9sL3g
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-priv-esc-JJ8zxQsC
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vmaninfdis3-OvdR6uu8
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vmanageinfdis-LKrFpbv
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-QVszVUPy
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfile-7Qhd9mCn
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-vmanage-9VZO4gfU
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-34x-privesc-GLN8ZAQE
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcameras-dos-fc3F6LzT
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-openred-zAYrU6d2
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hyperflex-upload-KtCK8Ugz
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-info-gY2AEz2H
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bwms-xxe-uSLrZgKs
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-profile-AggMUCDg
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-mac-priv-esc-VqST2nrT