Security News > 2020 > March > What do you not want right now? A bunch of Cisco SD-WAN, Webex vulnerabilities? Here are a bunch of them
2020-03-19 21:30
Cisco has issued a series of security updates for its SD-WAN and Webex software, just when they're most needed.
The five CVE-listed bugs are down to what Cisco calls "Insufficient input validation," and the avenues to exploit it range from SQL to HTTP requests.
The Webex video-conferencing software also needs some sorting out right when everyone's working from home amid the coronavirus pandemic.
The patch bundle includes a fix for Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows.
"The vulnerability exists because the web UI improperly validates SQL values," Cisco said.
News URL
https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/03/19/cisco_sdwan_bugs/
Related news
- Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc (source)
- CISA tags Windows, Cisco vulnerabilities as actively exploited (source)
- Cisco warns of Webex for BroadWorks flaw exposing credentials (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)