Cisco Releases Security Advisories for Multiple Products

Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following advisories and apply the necessary updates:

• Cisco Firepower Management Center Software Command Injection Vulnerability
• Cisco Identity Services Engine Command Injection Vulnerabilities
• Cisco Identity Services Engine Vulnerabilities
• Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series Firewalls Inspection Rules Denial of Service Vulnerability
• Cisco Firepower Threat Defense Software ICMPv6 with Snort 2 Denial of Service Vulnerability
• Cisco Firepower Threat Defense Software and Firepower Management Center Software Code Injection Vulnerability
• Cisco Firepower Management Center Software Log API Denial of Service Vulnerability
• Cisco Firepower Management Center Software Command Injection Vulnerabilities
• Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access VPN Denial of Service Vulnerability
• Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software ICMPv6 Message Processing Denial of Service Vulnerability

For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.
 

Source link