Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
Therefore, Bhutan Computer Incident Response Team recommends users and administrators to review the following Cisco advisories and apply the necessary updates:
- IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability cisco-sa-voip-phones-rce-dos-rB6EeRXs
- Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data cisco-sa-ucsd-mult-vulns-UNfpdW4E
- Wireless LAN Controller 802.11 Generic Advertisement Service Denial-of-Service Vulnerability cisco-sa-wlc-gas-dos-8FsE3AWH
- Wireless LAN Controller CAPWAP Denial-of-Service Vulnerability cisco-sa-wlc-capwap-dos-Y2sD9uEw
- Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerability cisco-sa-webex-player-Q7Rtgvby
- Mobility Express Software Cross-Site Request Forgery Vulnerability cisco-sa-mob-exp-csrf-b8tFec24
- IoT Field Network Director Denial-of-Service Vulnerability cisco-sa-iot-coap-dos-WTBu6YTq
- Unified Communications Manager Path Traversal Vulnerability cisco-sa-cucm-taps-path-trav-pfsFO93r
- Aironet Series Access Points Client Packet Processing Denial-of-Service Vulnerability cisco-sa-airo-wpa-dos-5ZLs6ESz