Cisco released security patches 2019.

Cisco security updates 9 vulnerabilities in which, two high severity vulnerabilities and rest of 7 vulnerabilities marked as medium severity.

CVE-2019-1861

Improper validation of files uploaded to the affected application. An attacker could exploit this vulnerability by authenticating to the affected system. It has fixed the bug in new software releases 1.6.0 for Cisco Industrial Network Director.

CVE-2019-1845 DOS

Affected devices Cisco Expressway, Cisco TelePresence VCS, Cisco Unified Communications Manager IM&P Service.

  • Unified Communications Manager IM&P Service (multiple releases).
  • Expressway Series configured for Mobile and Remote Access with IM&P Service (Releases X8.1 to X12.5.2)
  • TelePresence VCS configured for Mobile and Remote Access with IM&P Service (Releases X8.1 to X12.5.2)
  • Cisco Industrial Network Director Remote Code Execution Vulnerability High CVE-2019-1861 
    Cisco Unified Communications Manager IM&P Service, Cisco TelePresence VCS, and Cisco Expressway Series Denial of Service Vulnerability High CVE-2019-1845 
    Cisco Webex Meetings Server Information
    Disclosure Vulnerability
    Medium CVE-2019-1868
    Cisco TelePresence Video Communication Server and Cisco Expressway Series Server-Side Request Forgery Vulnerability Medium CVE-2019-1872 
    Cisco Unified Computing System BIOS Signature Bypass Vulnerability Medium CVE-2019-1880 
    Cisco IOS XR Software Secure Shell Authentication Vulnerability Medium CVE-2019-1842 
    Cisco Industrial Network Director Stored Cross-Site Scripting Vulnerability Medium CVE-2019-1882 
    Cisco Industrial Network Director
    Cross-Site Request Forgery Vulnerability
     Medium CVE-2019-1881 
    Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerability Medium CVE-2019-1870 

    Follow on Twitter, Instagram and Facebook

    LEAVE A REPLY

    Please enter your comment!
    Please enter your name here