Cisco Releases Security Updates

Original release date: November 7, 2019

Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories webpage.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories and apply the necessary updates:

• Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability
• Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Command Injection Vulnerability
• Cisco TelePresence Collaboration Endpoint and RoomOS Software Denial of Service Vulnerabilities
• Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Privilege Escalation Vulnerability
• Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities
• Cisco Wireless LAN Controller HTTP Parsing Engine Denial of Service Vulnerability
• Cisco Web Security Appliance Unauthorized Device Reset Vulnerability

Source link