Security Update:Cisco released 2 Critical and 1 High security advisories to address vulnerabilities in multiple products.
Status Type
Security Update
Date and Time
Thursday, March 8, 2018 - 15:34
Reason
Security update
Impact
Cisco users
WHAT HAPPENED?
Cisco released 2 Critical and 1 High security advisories to address vulnerabilities in multiple products.
Advanced Users: For a complete description of the vulnerabilities visit:
- Cisco Prime Collaboration Provisioning Hard-Coded Password Vulnerability - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-cpcp
- Cisco Secure Access Control System Java Deserialization Vulnerability - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs2
- Cisco Web Security Appliance FTP Authentication Bypass Vulnerability -https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-wsa
AFFECTED Systems:
- Cisco Prime Collaboration Provisioning (PCP) Software Release 11.6 only
- Cisco Secure ACS prior to release 5.8 patch 9
- Cisco AsyncOS for WSA Software on both virtual and hardware appliances that are running any release of Cisco AsyncOS 10.5.1 for WSA Software.ASR 5000 Series Aggregation Services Routers
WHAT'S THE PROBLEM?
Exploitation of one of these vulnerabilities could allow an attacker to take control of an affected system.
WHAT DO I NEED TO DO?
Users and administrators are encouraged to review the above Cisco Security Advisories and apply the necessary updates.
RELATED LINKS
- IT Security at http://it.ucsf.edu/security
- 424 reads
- Printer-friendly version