Security News > 2018 > February > Cisco issues new, complete fixes for critical flaw in enterprise security appliances
2018-02-06 16:03
Cisco researchers have identified additional attack vectors and features that are affected by the “perfect 10” remote code execution and denial of service vulnerability they attempted to patch last Tuesday. This discovery also means that the fix they pushed out at the time is incomplete, and administrators now have to update the vulnerable software again. More on CVE-2018-0101 Initially, they thought that the vulnerability (CVE-2018-0101) only affected the webvpn feature of the Cisco Adaptive Security … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/0scXGeJICVc/
Related news
- Critical Security Flaw Found in Popular LayerSlider WordPress Plugin (source)
- Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability (source)
- Cisco creates architecture to improve security and sell you new switches (source)
- Governments issue alerts after 'sophisticated' state-backed actor found exploiting flaws in Cisco security boxes (source)
- 73% of SME security pros missed or ignored critical alerts (source)
- 10 Critical Endpoint Security Tips You Should Know (source)
- DHS establishes AI Safety and Security Board to protect critical infrastructure (source)
- U.S. Government Releases New AI Security Guidelines for Critical Infrastructure (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-29 | CVE-2018-0101 | Double Free vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. | 10.0 |