Cisco Products Multiple Vulnerabilities

Impact

• Cross-Site Scripting
• Denial of Service
• Elevation of Privilege
• Remote Code Execution

System / Technologies affected

• Cisco IOS and IOS XE Software Cluster Management
• Cisco Small Business Managed Switches
• Cisco Email Security Appliance
• Cisco Unified Customer Voice Portal
• Cisco Wide Area Application Services
• Cisco UCS Central Software
• Cisco Small Business IP Phones
• Cisco FindIT Network Discovery Utility
• Cisco Unified Intelligence Center

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

• The vendor has issued a fix

Vulnerability Identifier

• CVE-2017-3881
• CVE-2017-6720
• CVE-2017-12214
• CVE-2017-12215
• CVE-2017-12219
• CVE-2017-12248
• CVE-2017-12250
• CVE-2017-12252
• CVE-2017-12253
• CVE-2017-12254
• CVE-2017-12255

Source

• US-CERT
• Cisco

Related Link

• https://www.us-cert.gov/ncas/current-activity/2017/09/20/Cisco-Releases-Security-Updates
• https://tools.cisco.com/security/center/publicationListing.x