Cisco Products Multiple Vulnerabilities
RISK: High Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities have been identified in Cisco products, which can be exploited by attackers to execute arbitrary code on the target system. A local user can obtain elevated privileges on the target system. A remote user can cause denial of service conditions, obtain potentially sensitive information and can conduct cross-site request forgery attacks. A remote authenticated user can upload arbitrary files to the target system.
Impact
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
- Information Disclosure
System / Technologies affected
- Cisco WebEx Meetings Server
- Cisco ASA DHCPv6
- Cisco Unified Contact Center Enterprise
- Cisco Unified Communications Manager IPMA
- Cisco IOS XE L2TP
- Cisco Unified Communications Manager
- Cisco TelePresence TC and TE
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor's advisory is available at:
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2186
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2182
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2180
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2184
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2183
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2185
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1240
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-mxp
Vulnerability Identifier
- CVE-2014-2186
- CVE-2014-2182
- CVE-2014-2180
- CVE-2014-2184
- CVE-2014-2183
- CVE-2014-2185
- CVE-2013-1240
- CVE-2014-2162
- CVE-2014-2163
- CVE-2014-2164
- CVE-2014-2165
- CVE-2014-2166
- CVE-2014-2167
- CVE-2014-2168
- CVE-2014-2169
- CVE-2014-2170
- CVE-2014-2171
- CVE-2014-2172
- CVE-2014-2173
- CVE-2014-2174
- CVE-2014-2175
- CVE-2014-2156
- CVE-2014-2157
- CVE-2014-2158
- CVE-2014-2159
- CVE-2014-2160
- CVE-2014-2161
Source
Related Link
Share with