Security News > 2020 > May > Cisco Patches Critical Vulnerability in Contact Center Software
Cisco this week released security patches to address several vulnerabilities in its products, including a critical severity bug in its Unified Contact Center Express software.
The issue, Cisco explains in an advisory, exists because of the software's insecure deserialization of user supplied content.
Cisco also released a software update to address a high vulnerability in Prime Network Registrar that could be abused by a remote, unauthenticated attacker to cause a denial of service condition.
Cisco addressed medium risk vulnerabilities in AMP for Endpoints Mac Connector Software and AMP for Endpoints Linux Connector Software, which could be abused to cause a DoS condition or cause a crash and restart of the service.
Prime Collaboration Provisioning Software releases earlier than 12.6 SU2 were found impacted and Cisco says it is not aware of a workaround for this issue.
News URL
Related news
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches (source)
- Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems (source)
- New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution (source)
- Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware (source)
- Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk (source)