Security News > 2019 > August > Cisco warns about public exploit code for critical flaws in its 220 Series smart switches
2019-08-22 09:47
Cisco has fixed over 30 vulnerabilities in various solutions, including Cisco UCS Director, Cisco UCS Director Express for Big Data, Cisco IMC Supervisor, and the Cisco 220 Series smart switches. Updates by product Users of Cisco UCS Director and Cisco UCS Director Express for Big Data are advised to upgrade to versions 6.7.3.0 and 3.7.3.0, respectively, as they fix, among other things: CVE-2019-1938, an API authentication bypass vulnerability that could be triggered by a specially … More → The post Cisco warns about public exploit code for critical flaws in its 220 Series smart switches appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/K1ct1Ijwwjw/
Related news
- Critical security hole in Apache Struts under exploit (source)
- Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits (source)
- Adobe warns of critical ColdFusion bug with PoC exploit code (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Cisco warns of denial of service flaw with PoC exploit code (source)
- Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9) (source)
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw (source)
- Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug in Meeting Management (source)
- New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits (source)
- Hackers exploit critical unpatched flaw in Zyxel CPE devices (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-21 | CVE-2019-1938 | Improper Authentication vulnerability in Cisco UCS Director and UCS Director Express for BIG Data A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. | 9.8 |