Cisco Products Multiple Vulnerabilities

Impact

• Cross-Site Scripting
• Denial of Service
• Remote Code Execution
• Security Restriction Bypass

System / Technologies affected

• Cisco Secure ACS 4.x
• Cisco Unified Communications Manager 9.x
• Cisco Identity Services Engine (ISE) 1.x
• Cisco Adaptive Security Appliance (ASA) Software
• Cisco IOS Software
• Cisco Wireless LAN Controller (WLC)
• Cisco Mobility Services Engine
• Cisco WebEx Player 11
• Cisco Secure Access Control System 5.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

• Update to fixed version

Vulnerability Identifier

• CVE-2013-3466
• CVE-2013-3467
• CVE-2013-3472
• CVE-2012-5744
• CVE-2013-3474
• CVE-2013-5469
• CVE-2013-3463
• CVE-2013-3469
• CVE-2013-1115
• CVE-2013-1116
• CVE-2013-1117
• CVE-2013-1118
• CVE-2013-1119
• CVE-2013-5470

Source

• Secunia
• Security Tracker
• Cisco

Related Link

• http://secunia.com/advisories/54602/
• http://secunia.com/advisories/54607/
• http://secunia.com/advisories/54610/
• http://securitytracker.com/id/1028958
• http://securitytracker.com/id/1028959
• http://securitytracker.com/id/1028960
• http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130828-acs
• http://tools.cisco.com/security/center/viewAlert.x?alertId=30529
• http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3467
• http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3472
• http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5469
• http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3474
• http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3463
• http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5744
• http://securitytracker.com/id/1028972
• http://securitytracker.com/id/1028975
• http://securitytracker.com/id/1028979