Security News > 2017 > March > 300+ Cisco switches affected by critical bug found in Vault 7 data dump (Help Net Security)
2017-03-20 14:48
While combing through WikiLeaks’ Vault 7 data dump, Cisco has unearthed a critical vulnerability affecting 300+ of its switches and one gateway that could be exploited to take over the devices. The vulnerability The flaw is present in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software. “The vulnerability is due to the combination of two factors: the failure to restrict the use of CMP-specific Telnet options only … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/8bzqK_wzDGc/
Related news
- The ongoing evolution of the CIS Critical Security Controls (source)
- Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9) (source)
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw (source)
- Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug in Meeting Management (source)
- Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution (source)
- Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc (source)
- Critical Cisco ISE bug can let attackers run commands as root (source)
- Don't Overlook These 6 Critical Okta Security Configurations (source)