Security News > 2019 > August > Cisco warns about public exploit code for critical flaws in its 220 Series smart switches
2019-08-22 09:47
Cisco has fixed over 30 vulnerabilities in various solutions, including Cisco UCS Director, Cisco UCS Director Express for Big Data, Cisco IMC Supervisor, and the Cisco 220 Series smart switches. Updates by product Users of Cisco UCS Director and Cisco UCS Director Express for Big Data are advised to upgrade to versions 6.7.3.0 and 3.7.3.0, respectively, as they fix, among other things: CVE-2019-1938, an API authentication bypass vulnerability that could be triggered by a specially … More → The post Cisco warns about public exploit code for critical flaws in its 220 Series smart switches appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/K1ct1Ijwwjw/
Related news
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- Cisco scores a perfect CVSS 10 with critical flaw in its wireless system (source)
- 1000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole (source)
- Hackers exploit critical bug in Array Networks SSL VPN products (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- Critical security hole in Apache Struts under exploit (source)
- Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits (source)
- Adobe warns of critical ColdFusion bug with PoC exploit code (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-21 | CVE-2019-1938 | Improper Authentication vulnerability in Cisco UCS Director and UCS Director Express for BIG Data A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. | 9.8 |