Cisco Updates

Your review has been sent successfully

Cisco Updates

3361

Classification

Security Alert

● Critical

● High

● Medium

● Low

Warning Date

Severity Level

Warning Number

Target Sector

10 January, 2020

● Medium

2020-785

All

Description:

Cisco has released security updates to address multiple vulnerabilities in the following products:

Cisco Data Center Analytics Framework

Releases earlier than 8.3.7.5.4

Cisco Webex Video Mesh

Releases earlier than 2019.09.19.1956m

Cisco Emergency Responder

Release 12.5 Su1 and earlier

Cisco Crosswork Change Automation

Releases earlier than 3.1

Cisco AnyConnect Secure Mobility Client – Android

Releases earlier than 4.8.00826

Cisco Unified CVP Software

Releases earlier than 11.6(1) ES-11 and 12.0(1) ES-7

Cisco IP Phone 6800, 7800, and 8800
Cisco Finesse
Cisco StarOS

Releases earlier than 21.16.1

Cisco UCS Director

Releases earlier than 6.7.3.1

Cisco Webex Centers
Cisco IOS and Cisco IOS XE Software Web UI
Cisco Vision Dynamic Signage Director

Releases earlier than 6.2 Service Pack 2

Cisco Identity Services Engine (ISE)

Release 2.2

Threats:

Remote attacker could exploit these vulnerabilities by doing the following:

Cross-site scripting (XSS) attack.
Cross-site request forgery (CSRF) attack.
Denial of service (DoS) attack.
Download system log files.
Bypass authorization and access sensitive information.
Execute arbitrary code as a root.

Best practice and Recommendations:

The CERT team encourages users to review Cisco security advisory and apply the necessary updates:

https://tools.cisco.com/security/center/publicationListing.x

Last updated at 13 January, 2020

Cisco Updates

Classification

Most Viewed Warnings