Security News > 2020 > January > It’s time to patch your Cisco security solutions again

It’s time to patch your Cisco security solutions again
2020-01-23 11:48

Cisco has released another batch of security updates and patches for a variety of its offerings, including many of its security solutions.

Among the security holes plugged is CVE-2019-16028, a critical authentication bypass vulnerability affecting the Cisco Firepower Management Center - a device that provides visibility into an organization's network and allows admis to centrally manage critical Cisco network security solutions.

Cisco Email Security, Web Security and Content Security Management Appliances also sport a few flaws, all medium-risk and most found during internal security testing.

Cisco ESAs should be upgraded to v13.0 and later, Cisco WSAs to v11.8.0-382 and later, and Cisco SMAs to v13.0.0.-187 and later.

High-risk vulnerabilities fixed in this bundle include several denial of service bugs affecting Cisco Smart Software Manager On-Prem and the Cisco IOS XR Software.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/sbTaIpoCTGU/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2020-09-23 CVE-2019-16028 Improper Authentication vulnerability in Cisco Firepower Management Center
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device.
network
low complexity
cisco CWE-287
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751