Tag: Cisco

Overview On July 15, 2020 local time, Cisco released security advisories to address vulnerabilities across multiple products, including five Critical vulnerabilities with a CVSS base score of 9.8 (CVE-2020-3330, CVE-2020-3323, CVE-2020-3144, CVE-2020-3331, and CVE-2020-3140). Reference link: https://tools.cisco.com/security/center/publicationListing.x (mais…)

Overview Recently, Cisco officially released a security advisory, announcing the fix of a high-risk vulnerability (CVE-2020-3280) in Unified Contact Center Express (Unified CCX). The vulnerability stems from the fact that during the deserialization operation of the software, the input provided by the user is not sufficiently restricted. The attacker can...

Overview On February 6, 2020, Beijing time, Cisco fixed five high-risk vulnerabilities in the Cisco Discovery Protocol (CDP) in new versions. The CDP protocol allows Cisco devices to share information in the intranet via multicast messages. These vulnerabilities affect VoIP (Voice over Internet Protocol) phones and cameras. (mais…)

Overview Multiple vulnerabilities in the authentication mechanism of Cisco Data Center Network Manager (dcnm) (cve-2019-15975, cve-2019-15976, cve-2019-15977) may allow unauthorized remote attackers to bypass authentication and perform arbitrary operations with administrative privileges on the affected devices. (mais…)

Overview On August 21, 2019, local time, Cisco officially released multiple security advisories, announcing remediation of critical vulnerabilities in a number of products. These vulnerabilities include authentication bypass and remote code execution vulnerabilities and the most critical one gets a CVSS score of 9.8. (mais…)

Overview On August 28, 2019, local time, Cisco released a security advisory, announcing remediation of an authentication bypass vulnerability (CVE-2019-12643) in the Cisco REST API virtual service container for Cisco IOS XE Software. (mais…)