Cisco Products Multiple Vulnerabilities

Impact

• Cross-Site Scripting
• Denial of Service
• Elevation of Privilege
• Remote Code Execution
• Security Restriction Bypass
• Information Disclosure

System / Technologies affected

• Cisco WebEx Business Suite meeting sites
• Cisco WebEx Meetings sites
• Cisco WebEx Meetings Server
• Cisco WebEx ARF players
• Cisco Prime Data Center Network Manager (DCNM) - Version 10.0 and later
• Cisco Prime Infrastructure (PI) 
• Cisco Prime Service Catalog User Interface
• Cisco Secure ACS CLI
• Cisco Wireless LAN Controllers
• Cisco Aironet Access Points 
• Cisco IOS, IOS XE, and IOS XR Software
• Cisco Firepower System Software 

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

• Upgrade to a fixed version: https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities

Vulnerability Identifier

• CVE-2018-0112
• CVE-2018-0167
• CVE-2018-0175
• CVE-2018-0226
• CVE-2018-0234
• CVE-2018-0235
• CVE-2018-0245
• CVE-2018-0247
• CVE-2018-0249
• CVE-2018-0250
• CVE-2018-0252
• CVE-2018-0253
• CVE-2018-0258
• CVE-2018-0262
• CVE-2018-0264
• CVE-2018-0278
• CVE-2018-0281
• CVE-2018-0283
• CVE-2018-0285
• CVE-2018-0286
• CVE-2018-0287
• CVE-2018-0288

Source

• US-CERT
• Cisco

Related Link

• https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities
• https://www.us-cert.gov/ncas/current-activity/2018/05/02/Cisco-Releases-Security-Updates