Cisco Products Multiple Vulnerabilities
Last Update Date:
20 Oct 2017 09:40
Release Date:
20 Oct 2017
4348
Views
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities have been identified in Cisco Products, which could be exploited by attackers to conduct cross-site scripting attack, perform remote code execution, trigger denial of service conditions, obtain potentially sensitive information and bypass security restriction on the target system.
Impact
- Cross-Site Scripting
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Cisco FX-OS Software
- Cisco NX-OS Software
- Cisco IOS XE Software
- Cisco Cloud Services Platform (CSP)
- Cisco SPA50x, SPA51x, and SPA52x Series IP Phones
- Cisco SPA300 and SPA500 Series IP Phones
- Cisco WebEx Meetings Server
- Cisco Unified Contact Center Express
- Cisco Network Analysis Module Software
- Cisco Jabber
- Cisco Jabber for Windows Client
- Cisco Expressway Series Software
- Cisco TelePresence Video Communication Server (VCS) Software
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix.
Vulnerability Identifier
- CVE-2017-12251
- CVE-2017-12259
- CVE-2017-12260
- CVE-2017-12271
- CVE-2017-12272
- CVE-2017-12284
- CVE-2017-12285
- CVE-2017-12286
- CVE-2017-12287
- CVE-2017-12288
- CVE-2017-12289
- CVE-2017-12293
- CVE-2017-12296
- CVE-2017-12298
- CVE-2017-12301
- CVE-2017-3883
Source
Related Link
Share with