Cisco Products Multiple Vulnerabilities
Release Date:
26 Jan 2024
3669
Views
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities were identified in Cisco products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, security restriction bypass and cross-site scripting on the targeted system.
Impact
- Remote Code Execution
- Security Restriction Bypass
- Cross-Site Scripting
System / Technologies affected
- 250 Series Smart Switches
- 350 Series Managed Switches
- 350X Series Stackable Managed Switches
- 550X Series Stackable Managed Switches
- Business 250 Series Smart Switches
- Business 350 Series Managed Switches
- Cisco Unity Connection
- Unified Communications Manager (Unified CM) (CSCwd64245)
- Unified Communications Manager IM & Presence Service (Unified CM IM&P) (CSCwd64276)
- Unified Communications Manager Session Management Edition (Unified CM SME) (CSCwd64245)
- Unified Contact Center Express (UCCX) (CSCwe18773)
- Unity Connection (CSCwd64292)
- Virtualized Voice Browser (VVB) (CSCwe18840)
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuc-xss-9TFuu5MS
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-bus-acl-bypass-5zn9hNJk
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm
Vulnerability Identifier
Source
Related Link
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuc-xss-9TFuu5MS
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-bus-acl-bypass-5zn9hNJk
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm
- https://www.auscert.org.au/bulletins/ESB-2024.0492
- https://www.auscert.org.au/bulletins/ESB-2024.0493
- https://www.auscert.org.au/bulletins/ESB-2024.0494
Share with