Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.
CISA encourages users and administrators to review the following Cisco advisories and apply the necessary updates:
- Cisco Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vulnerability cisco-sa-esa-wsa-cert-vali-n8L97RW
- Cisco DNA Center Certificate Validation Vulnerability cisco-sa-dnac-certvalid-USEj2CZk
- Cisco Small Business 220 Series Smart Switches Vulnerabilities cisco-sa-ciscosb-multivulns-Wwyb7s5E
- Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability cisco-sa-anyconnect-pos-dll-ff8j6dFv
- Cisco Meeting Server API Denial of Service Vulnerability cisco-sa-meetingserver-dos-NzVWMMQT
- Cisco Jabber Desktop and Mobile Client Software Vulnerabilities cisco-sa-jabber-GuC5mLwG
- Cisco Unified Intelligence Center Reflected Cross-Site Scripting Vulnerability cisco-sa-cuic-xss-csHUdtrL
- Cisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability cisco-sa-anyconnect-dos-hMhyDfb8
- Cisco Jabber and Webex Client Software Shared File Manipulation Vulnerability cisco-sa-webex-teams-7ZMcXG99
Please share your thoughts.
We recently updated our anonymous product survey; we'd welcome your feedback.