it.ucsf.edu

Security Update:CISCO released 5 Critical and 19 High security advisories to address vulnerabilities in multiple products

Status Type

Security Update

Date and Time

Friday, June 22, 2018 - 15:34

Reason

Security update

Impact

Cisco users

WHAT HAPPENED

CISCO released 5 Criticaland 19 Highsecurity advisories to address vulnerabilities in multiple products.

 

Advanced Users: For a complete description of the vulnerabilities visit:

 

Affected Systems:

  • The following Cisco products if they are running a vulnerable release of Cisco NX-OS Software:
    • MDS 9000 Series Multilayer Switches
    • Nexus 2000 Series Fabric Extenders
    • Nexus 3000 Series Switches
    • Nexus 3500 Platform Switches
    • Nexus 5500 Platform Switches
    • Nexus 5600 Platform Switches
    • Nexus 6000 Series Switches
    • Nexus 7000 Series Switches
    • Nexus 7700 Series Switches
    • Nexus 9000 Series Switches in standalone NX-OS mode
    • Nexus 9500 R-Series Line Cards and Fabric Modules
    • UCS 6100 Series Fabric Interconnects
    • UCS 6200 Series Fabric Interconnects
    • UCS 6300 Series Fabric Interconnects
  • The following Cisco products if they are running a vulnerable release of Cisco FXOS Software or Cisco NX-OS Software and are configured to use Cisco Fabric Services:
    • Firepower 4100 Series Next-Generation Firewalls
    • Firepower 9300 Security Appliance
    • MDS 9000 Series Multilayer Switches
    • Nexus 2000 Series Fabric Extenders
    • Nexus 3000 Series Switches
    • Nexus 3500 Platform Switches
    • Nexus 5500 Platform Switches
    • Nexus 5600 Platform Switches
    • Nexus 6000 Series Switches
    • Nexus 7000 Series Switches
    • Nexus 7700 Series Switches
    • Nexus 9000 Series Switches in standalone NX-OS mode
    • Nexus 9500 R-Series Line Cards and Fabric Modules
    • UCS 6100 Series Fabric Interconnects
    • UCS 6200 Series Fabric Interconnects
    • UCS 6300 Series Fabric Interconnects
  • The following Cisco products if they are running a vulnerable release of Cisco NX-OS Software and are configured to use the NX-API feature:
    • MDS 9000 Series Multilayer Switches
    • Nexus 2000 Series Switches
    • Nexus 3000 Series Switches
    • Nexus 3500 Platform Switches
    • Nexus 5500 Platform Switches
    • Nexus 5600 Platform Switches
    • Nexus 6000 Series Switches
    • Nexus 7000 Series Switches
    • Nexus 7700 Series Switches
    • Nexus 9000 Series Switches in standalone NX-OS mode
  • The following Cisco products if they are running a vulnerable release of Cisco FXOS Software, Cisco NX-OS Software, or Cisco UCS Manager Software:
    • Firepower 4100 Series Next-Generation Firewall
    • Firepower 9300 Security Appliance
    • MDS 9000 Series Multilayer Director Switches
    • Nexus 1000V Series Switches
    • Nexus 1100 Series Cloud Services Platforms
    • Nexus 2000 Series Switches
    • Nexus 3000 Series Switches
    • Nexus 3500 Platform Switches
    • Nexus 3600 Platform Switches
    • Nexus 5500 Platform Switches
    • Nexus 5600 Platform Switches
    • Nexus 6000 Series Switches
    • Nexus 7000 Series Switches
    • Nexus 7700 Series Switches
    • Nexus 9000 Series Switches in NX-OS mode
    • Nexus 9500 R-Series Line Cards and Fabric Modules
    • UCS 6100 Series Fabric Interconnects
    • UCS 6200 Series Fabric Interconnects
    • UCS 6300 Series Fabric Interconnects
  • Cisco Nexus 4000 Series Switches if they are running a vulnerable release of Cisco NX-OS Software
  • Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode if they are running a vulnerable release of Cisco NX-OS Software
  • The following Cisco products if they are running a vulnerable version of Cisco FXOS or Cisco UCS Fabric Interconnect Software:
    • Firepower 4100 Series Next-Generation Firewall
    • Firepower 9300 Security Appliance
    • UCS 6200 Series Fabric Interconnects
    • UCS 6300 Series Fabric Interconnects
  • Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance if they are running a vulnerable release of Cisco FXOS Software

 

WHAT’S THE PROBLEM?

A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

 

WHAT DO I NEED TO DO?

Users and administrators are encouraged to review the above Cisco Security Advisory and apply the offered updates.

 

RELATED LINKS