Cisco Releases Security Updates

Last Revised

Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

  • Wireless LAN Controller 802.11v Basic Service Set Transition Management Denial of Service Vulnerability cisco-sa-20171101-wlc2
  • Wireless LAN Controller Simple Network Management Protocol Memory Leak Denial of Service Vulnerability cisco-sa-20171101-wlc1
  • Identity Services Engine Privilege Escalation Vulnerability cisco-sa-20171101-ise
  • Firepower 4100 Series NGFW and Firepower 9300 Security Appliance Smart Licensing Command Injection Vulnerability cisco-sa-20171101-fpwr
  • Prime Collaboration Provisioning Authenticated SQL Injection Vulnerability cisco-sa-20171101-cpcp
  • Application Policy Infrastructure Controller Enterprise Module Unauthorized Access Vulnerability cisco-sa-20171101-apicem
  • Aironet 1560, 2800, and 3800 Series Access Point Platforms Extensible Authentication Protocol Denial of Service Vulnerability cisco-sa-20171101-aironet2
  • Aironet 1560, 2800, and 3800 Series Access Point Platforms 802.11 Denial of Service Vulnerability cisco-sa-20171101-aironet1

This product is provided subject to this Notification and this Privacy & Use policy.