Cisco Products Multiple Vulnerabilities

Release Date: 19 Aug 2021 6282 Views

RISK: High Risk

High Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities were identified in Cisco Products, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure, data manipulation and security restriction bypass on the targeted system.

 

Notes:

  • Proof Of Concept Exploit Code Is Publicly Available for CVE-2021-34749

Impact

  • Data Manipulation
  • Security Restriction Bypass
  • Information Disclosure
  • Denial of Service

System / Technologies affected

  • Cisco Secure Email and Web Manager
  • Cisco Web Security Appliance (WSA)
  • Cisco Firepower Threat Defense (FTD)
  • Snort detection engine
  • Cisco 3000 Series Industrial Security Appliances (ISAs)
  • Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers

 

Please refer to the link below for detail:

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

 

Notes: No patch is available for Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers. (Have entered the end-of-life process) User should replace the affected product as soon as possible.

 

Workaround: disable the affected feature. For detail, please refer to the link below:

Vulnerability Identifier

Source

Related Link

Related Tags

CiscoProof of ConceptSecurity Restriction BypassData ManipulationInformation DisclosureDenial of Service

Share with

Previous

Linux Kernel Multiple Vulnerabilities

19 Aug 2021 5403 Views

Next

ISC BIND Denial Of Service Vulnerability

20 Aug 2021 6177 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY