Cisco Products Multiple Vulnerabilities
Last Update Date:
17 Nov 2017 10:16
Release Date:
17 Nov 2017
4153
Views
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities have been identified in Cisco Products, which could be exploited by attackers to conduct cross-site scripting attack, perform remote code execution, trigger denial of service conditions, obtain elevated privileges, obtain potentially sensitive information and bypass security restriction on the target system.
Impact
- Cross-Site Scripting
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Cisco Voice Operating System
- Cisco FindIT Network Discovery Utility
- Cisco Web Security Appliance
- Cisco Umbrella Insights Virtual Appliance
- Cisco Unified Communications Manager
- Cisco Spark Board
- Cisco RF Gateway
- Cisco Registered Envelope Service
- Cisco Identity Services Engine (ISE)
- Cisco IP Phone 8800 Series
- Cisco IOS and IOS XE Software
- Cisco Immunet Antimalware Installer
- Cisco HyperFlex System
- Cisco Firepower System Software
- Cisco ASA Next-Generation Firewall Services
- Cisco Email Security Appliance
- Cisco Network Academy Packet Tracer
- Cisco Meeting Server
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix.
Vulnerability Identifier
- CVE-2017-12290
- CVE-2017-12291
- CVE-2017-12292
- CVE-2017-12299
- CVE-2017-12300
- CVE-2017-12302
- CVE-2017-12303
- CVE-2017-12304
- CVE-2017-12305
- CVE-2017-12306
- CVE-2017-12309
- CVE-2017-12311
- CVE-2017-12312
- CVE-2017-12313
- CVE-2017-12314
- CVE-2017-12315
- CVE-2017-12316
- CVE-2017-12318
- CVE-2017-12320
- CVE-2017-12321
- CVE-2017-12322
- CVE-2017-12323
- CVE-2017-12337
- CVE-2017-12350
Source
Related Link
Share with