Cisco Releases Security Updates for Multiple Products

Original release date: July 30, 2020

Cisco has released security updates to address vulnerabilities affecting multiple products. An unauthenticated, remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Advisories and apply the necessary updates. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

• Cisco SD-WAN vManage Software Authorization Bypass Vulnerability cisco-sa-uabvman-SYGzt8Bv
• Cisco Data Center Network Manager Authentication Bypass Vulnerability cisco-sa-dcnm-bypass-dyEejUMs
• Cisco Data Center Network Manager Command Injection Vulnerability cisco-sa-devmgr-cmd-inj-Umc8RHNh
• Cisco Data Center Network Manager Command Injection Vulnerability cisco-sa-dcnm-rest-inj-BCt8pwAJ
• Cisco Data Center Network Manager Path Traversal Vulnerability cisco-sa-dcnm-path-trav-2xZOnJdR
• Cisco Data Center Network Manager Improper Authorization Vulnerability cisco-sa-dcnm-improper-auth-7Krd9TDT
• Cisco Data Center Network Manager Authentication Bypass Vulnerability cisco-sa-dcnm-auth-bypass-JkubGpu3

Source link