Security News > 2020 > May > Critical Cisco Bug in Unified CCX Allows Remote Code Execution
Cisco has hurried out a fix out for a critical remote code-execution flaw in its customer interaction management solution, Cisco Unified Contact Center Express.
Cisco's Unified CCX software is touted as a "Contact center in a box" that allows companies to deploy customer-care applications.
Those who are using Cisco Unified CCX version 12.0 and earlier are urged to update to the fixed release, 12.0(1)ES03.
Cisco is not aware of any public announcements or malicious use of the flaw, according to the update.
Also fixed were several medium-severity flaws, including a SQL injection flaw in Cisco's Prime Collaboration Provisioning Software, a DOS flaw in Cisco AMP for Endpoints Mac Connector Software and memory buffer flaws in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software.
News URL
https://threatpost.com/critical-cisco-rce-flaw-unified-ccx/155980/
Related news
- Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications (source)
- CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- Cisco scores a perfect CVSS 10 with critical flaw in its wireless system (source)