Security News > 2018 > February > Cisco issues new, complete fixes for critical flaw in enterprise security appliances

Cisco issues new, complete fixes for critical flaw in enterprise security appliances
2018-02-06 16:03

Cisco researchers have identified additional attack vectors and features that are affected by the “perfect 10” remote code execution and denial of service vulnerability they attempted to patch last Tuesday. This discovery also means that the fix they pushed out at the time is incomplete, and administrators now have to update the vulnerable software again. More on CVE-2018-0101 Initially, they thought that the vulnerability (CVE-2018-0101) only affected the webvpn feature of the Cisco Adaptive Security … More →


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/0scXGeJICVc/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-01-29 CVE-2018-0101 Double Free vulnerability in Cisco Adaptive Security Appliance Software
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.
network
low complexity
cisco CWE-415
critical
 10.0
10

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1668 288 3750