Original release date: November 19, 2020Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates.

Integrated Management Controller Multiple Remote Code Execution Vulnerabilities cisco-sa-ucs-api-rce-UXwpeDHd
DNA Spaces Connector Command Injection Vulnerability cisco-sa-dna-cmd-injection-rrAYzOwc
IoT Field Network Director Unauthenticated REST API Vulnerability cisco-sa-FND-BCK-GHkPNZ5F
Secure Web Appliance Privilege Escalation Vulnerability cisco-sa-wsa-prv-esc-nPzWZrQj
IoT Field Network Director SOAP API Authorization Bypass Vulnerability cisco-sa-FND-AUTH-vEypBmmR
IoT Field Network Director Missing API Authentication Vulnerability cisco-sa-FND-APIA-xZntFS2V

For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.
 

This product is provided subject to this Notification and this Privacy & Use policy.Original release date: November 19, 2020

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates.

For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.
 

This product is provided subject to this Notification and this Privacy & Use policy.

Leave a Reply