Cisco fixes several vulnerabilities in Cisco small business smart and managed switch

Yesterday Cisco release fix for eight vulnerabilities . out of eight only one vulnerability has been declare high severity.
1- Cisco Small Business Smart and Managed Switches Session Management Vulnerability
    CVE-2020-3297        Risk - HIGH
    Affected Products
            250 Series Smart Switches
            350 Series Managed Switches
            350X Series Stackable Managed Switches
            550X Series Stackable Managed Switches
            Small Business 200 Series Smart Switches
            Small Business 300 Series Managed Switches
            Small Business 500 Series Stackable Managed Switches

2- Cisco Small Business RV042 and RV042G Routers Cross-Site Scripting Vulnerability
    CVE-2020-3431   Risk - Medium
    Affected Products
        At the time of publication, this vulnerability affected Cisco Small Business RV042 and            RV042G Routers firmware releases earlier than Release 4.2.3.14

3- Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities
    CVE-2020-3340    Risk - Medium
    Affected Products
        At the time of publication, these vulnerabilities affected Cisco ISE releases earlier than Release 2.6 Patch 7

4- Cisco Digital Network Architecture Center Information Disclosure Vulnerability
         CVE-2020-3391  Risk - Medium
        Affected Products
            At the time of publication, this vulnerability affected Cisco DNA Center releases earlier than Release 1.2.10.

5- Cisco Unified Customer Voice Portal Information Disclosure Vulnerability
        CVE-2020-3402  Risk - Medium
        Affected Products
            At the time of publication, this vulnerability affected Cisco Unified CVP releases 12.5(1) and earlier.

6-Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability
        CVE-2020-3420  Risk - Medium
        Affected Products
            At the time of publication, this vulnerability affected all releases of Cisco Unified CM and Cisco Unified CM SME software.

7-Cisco Unified Communications Products Cross-Site Scripting Vulnerability
        CVE-2020-3282  Risk - Medium
        Affected Products
            At the time of publication, this vulnerability affected the following Cisco products:
                Unified Communications Manager (Unified CM)
                Unified Communications Manager Session Management Edition (Unified CM SME)
                Unified Communications Manager IM & Presence Service (Unified CM IM&P)
                Unity Connection

8- Cisco AnyConnect Secure Mobility Client for Mac OS File Corruption Vulnerability
             CVE-2020-3432 Risk - Medium
            Affected Products
                At the time of publication, this vulnerability affected Cisco AnyConnect Secure Mobility Client for Mac OS releases earlier than 4.9.00086.

By at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Chinese Hackers Target US Treasury in Critical Cybersecurity Incident

  Chinese Hackers Breach US Treasury in Major Cybersecurity Incident In a concerning cybersecurity breach, Chinese state-sponsored hackers g...