Cisco Releases Security Updates

Original release date: February 20, 2020

Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories and apply the necessary updates:

• Smart Software Manager On-Prem Static Credential Vulnerability cisco-sa-on-prem-static-cred-sL8rDs8
• Unified Contact Center Express Privilege Escalation Vulnerability cisco-sa-uccx-privesc-Zd7bvwyf
• Multiple Cisco UCS-Based Products UEFI Secure Boot Bypass Vulnerability cisco-sa-20200219-ucs-boot-bypass
• Email Security Appliance and Content Security Management Appliance Denial-of-Service Vulnerability cisco-sa-20200219-esa-sma-dos
• Email Security Appliance Denial-of-Service Vulnerability cisco-sa-20200219-esa-dos
• Data Center Network Manager Privilege Escalation Vulnerability cisco-sa-20200219-dcnm-priv-esc
• Data Center Network Manager Cross-Site Request Forgery Vulnerability cisco-sa-20200219-dcnm-csrf

Source link