Security News > 2020 > April > Using Cisco IP phones? Fix these critical vulnerabilities
Among the vulnerabilities fixed are critical flaws affecting a variety of Cisco IP phones and Cisco UCS Director and Cisco UCS Director Express for Big Data, its unified infrastructure management solutions for data center operations.
Jacob Baines, a research engineer with Tenable, unearthed two critical flaws affecting the Cisco Wireless IP Phone 8821.
Cisco has also provided fixes for nine authentication bypass vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data.
Two DoS flaws have been plugged in Cisco Wireless LAN Controllers, one in Cisco Aironet Series Access Points, and one in the Cisco IoT Field Network Director.
A code execution flaw in Cisco Webex Network Recording Player and Cisco Webex Player requires victim action to be exploited, and so does a CSRF flaw in Cisco Mobility Express Software.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/-hB8BrQUTpM/
Related news
- Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks (source)
- Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847) (source)
- Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited (source)
- CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches (source)