Cisco Releases Security Updates for Multiple Products

Original release date: October 7, 2021

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

CISA encourages users and administrators to review the following Cisco advisories and apply the necessary updates:

• Cisco Web Security Appliance Proxy Service Denial of Service Vulnerability cisco-sa-wsa-dos-fmHdKswk
• Cisco Intersight Virtual Appliance Command Injection Vulnerability cisco-sa-ucsi2-command-inject-CGyC8y2R
• Cisco Small Business 220 Series Smart Switches Link Layer Discovery Protocol Vulnerabilities cisco-sa-sb220-lldp-multivuls-mVRUtQ8T
• Cisco Identity Services Engine Privilege Escalation Vulnerability cisco-sa-ise-priv-esc-UwqPrBM3
• Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities cisco-sa-ata19x-multivuln-A4J57F3
• Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module Shared Library Hijacking Vulnerability cisco-sa-anyconnect-lib-hija-cAFB7x4q

Source link