Patch/Configuration Management, Vulnerability Management

Cisco releases updates for 10 high-rated vulnerabilities

Cisco released security updates to address vulnerabilities in multiple products that could allow an attacker to take control of an affected system.

The updates include patches to 10 flaws rated "high," including four denial of service (DoS) bugs involving a Web Security Appliance HTTPS Certificate, a Small Business Series Switches HTTP, a Web Security Appliance Web Proxy, and a Unified Communications Manager Session Initiation Protocol, according to a July 3 advisory.

The updates also address an Application Policy Infrastructure Controller REST API Privilege Escalation vulnerability and a Small Business Series Switches Memory Corruption vulnerability. 

The privilege escalation vulnerability is caused by incomplete validation and error checking for the file path when specific software is uploaded while the memory corruption bug is caused by improper validation of HTTPS packets

Those whose systems are vulnerable should update as soon as possible.  

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.