Skip to main content

Cisco Products Multiple Vulnerabilities

Last Update Date: 24 Jul 2020 Release Date: 21 Jul 2020 4989 Views

RISK: Medium Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

Multiple vulnerabilities were identified in Cisco products, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and sensitive information disclosure on the targeted system.

 

Notes: No patch is currently available.

 

[Updated on 2020-07-24]

Note: Patch is currently available. The risk level was decreased to medium risk correspondingly.


Impact

  • Denial of Service
  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Cisco ASR 5000
  • Cisco ASR 5500
  • Cisco Virtual Packet Core

 

Please refer to the link below for detail:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC


Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

  • Cisco ASR 5000 21.5.27
  • Cisco ASR 5500 21.5.27
  • Cisco ASR 5500 21.11.15
  • Cisco ASR 5500 21.14.22
  • Cisco ASR 5500 21.20.2
  • Cisco Virtual Packet Core 21.5.27
  • Cisco Virtual Packet Core 21.11.15
  • Cisco Virtual Packet Core 21.14.22
  • Cisco Virtual Packet Core 21.20.2

 

Please refer to the link below for detail:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC


Vulnerability Identifier


Source


Related Link