Cisco Releases Security Advisories for Multiple Products

Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following advisories and apply the necessary updates:

• Cisco Catalyst SD-WAN Manager Vulnerabilities cisco-sa-sdwan-vman-sc-LRLfu2z
• Cisco IOS XE Software Web UI Command Injection Vulnerability cisco-sa-webui-cmdij-FzZAeXAy
• Cisco IOS XE Software for ASR 1000 Series Aggregation Services Routers IPv6 Multicast Denial of Service Vulnerability cisco-sa-mlre-H93FswRz
• Cisco IOS XE Software Layer 2 Tunneling Protocol Denial of Service Vulnerability cisco-sa-ios-xe-l2tp-dos-eB5tuFmV
• Cisco DNA Center API Insufficient Access Control Vulnerability cisco-sa-dnac-ins-acc-con-nHAVDRBZ
• Cisco IOS XE Software for Catalyst 3650 and Catalyst 3850 Series Switches Denial of Service Vulnerability cisco-sa-cat3k-dos-ZZA4Gb3r
• Cisco IOS XE Software Application Quality of Experience and Unified Threat Defense Denial of Service Vulnerability cisco-sa-appqoe-utd-dos-p8O57p5y
• Cisco IOS and IOS XE Software Command Authorization Bypass Vulnerability cisco-sa-aaascp-Tyj4fEJm

For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

Source link