Cisco released security patches 2019.
Cisco security updates 9 vulnerabilities in which, two high severity vulnerabilities and rest of 7 vulnerabilities marked as medium severity.
Improper validation of files uploaded to the affected application. An attacker could exploit this vulnerability by authenticating to the affected system. It has fixed the bug in new software releases 1.6.0 for Cisco Industrial Network Director.
Affected devices Cisco Expressway, Cisco TelePresence VCS, Cisco Unified Communications Manager IM&P Service.
|Cisco Industrial Network Director Remote Code Execution Vulnerability||High||CVE-2019-1861|
|Cisco Unified Communications Manager IM&P Service, Cisco TelePresence VCS, and Cisco Expressway Series Denial of Service Vulnerability||High||CVE-2019-1845|
|Cisco Webex Meetings Server Information
|Cisco TelePresence Video Communication Server and Cisco Expressway Series Server-Side Request Forgery Vulnerability||Medium||CVE-2019-1872|
|Cisco Unified Computing System BIOS Signature Bypass Vulnerability||Medium||CVE-2019-1880|
|Cisco IOS XR Software Secure Shell Authentication Vulnerability||Medium||CVE-2019-1842|
|Cisco Industrial Network Director Stored Cross-Site Scripting Vulnerability||Medium||CVE-2019-1882|
|Cisco Industrial Network Director
Cross-Site Request Forgery Vulnerability
|Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerability||Medium||CVE-2019-1870|