Security News > 2020 > April > Using Cisco IP phones? Fix these critical vulnerabilities
Among the vulnerabilities fixed are critical flaws affecting a variety of Cisco IP phones and Cisco UCS Director and Cisco UCS Director Express for Big Data, its unified infrastructure management solutions for data center operations.
Jacob Baines, a research engineer with Tenable, unearthed two critical flaws affecting the Cisco Wireless IP Phone 8821.
Cisco has also provided fixes for nine authentication bypass vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data.
Two DoS flaws have been plugged in Cisco Wireless LAN Controllers, one in Cisco Aironet Series Access Points, and one in the Cisco IoT Field Network Director.
A code execution flaw in Cisco Webex Network Recording Player and Cisco Webex Player requires victim action to be exploited, and so does a CSRF flaw in Cisco Mobility Express Software.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/-hB8BrQUTpM/
Related news
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- CISA tags Windows, Cisco vulnerabilities as actively exploited (source)
- GitLab patches critical authentication bypass vulnerabilities (source)
- Critical Cisco Smart Licensing Utility flaws now exploited in attacks (source)
- OpenAI now pays researchers $100,000 for critical vulnerabilities (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)