Skip to main content

Cisco Products Multiple Vulnerabilities

Release Date: 22 Jan 2021 4608 Views

RISK: Medium Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

Multiple vulnerabilities were identified in Cisco products, a remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, remote code execution, sensitive information disclosure and cross-site scripting on the targeted system.


Impact

  • Cross-Site Scripting
  • Elevation of Privilege
  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Cisco ESA
  • Cisco SMA
  • Cisco WSA
  • Cisco Umbrella
  • Cisco AsyncOS for the Secure Web Appliance

 

Please refer to the link below for detail:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-info-RHp44vAC

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-xss-RuB5WGqL

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umb-dos-dgKzDEBP

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-prv-esc-nPzWZrQj

 


Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

  • Apply fixes issued by the vendor:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-info-RHp44vAC

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-xss-RuB5WGqL

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umb-dos-dgKzDEBP

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-prv-esc-nPzWZrQj

 

Vulnerability Identifier


Source


Related Link