Archived Content
In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.Cisco Releases Security Updates
Last Revised
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
- Cisco Cloud Services Platform 2100 Command Injection Vulnerability cisco-sa-20160921-csp2100-1
- Cisco Cloud Services Platform 2100 Remote Command Execution Vulnerability cisco-sa-20160921-csp2100-2
- Cisco IOS and IOS XE IOX Command Injection Vulnerability cisco-sa-20160921-iox
- Cisco Firepower Management Center and FireSIGHT System Software SSL Inspection Bypass Vulnerability cisco-sa-20160921-fmc
- Cisco IOS and IOS XE Software Data in Motion Component Denial of Service Vulnerability cisco-sa-20160921-dmo
- Cisco Prime Home Web-Based User Interface XML External Entity Vulnerability cisco-sa-20160921-cph
- Cisco Application-Hosting Framework HTTP Header Injection Vulnerability cisco-sa-20160921-caf1
- Cisco Application Policy Infrastructure Controller Binary Privilege Escalation Vulnerability cisco-sa-20160921-apic
- Multiple Cisco Products Confidential Information Decryption Man-in-the-Middle Vulnerability cisco-sa-20151125-ci
This product is provided subject to this Notification and this Privacy & Use policy.