Security News > 2020 > July > Cisco Warns of High-Severity Bug in Small Business Switch Lineup

Cisco Warns of High-Severity Bug in Small Business Switch Lineup
2020-07-01 21:02

Cisco Systems is warning of a high-severity flaw affecting more than a half-dozen of its small business switches.

The flaw, which ranks 8.1 out of 10.0 on the CVSS scale, stems from use of weak entropy generation for session identifier values, a Wednesday Cisco security advisory said.

Cisco has fixed the issue in firmware release 2.5.5.47.

"Although these switches are vulnerable, Cisco will not provide a firmware fix," said the company.

Cisco on Wednesday also released patches for a slew of medium-severity flaws, including ones in its small business RV042 and RV-042G routers, its Digital Network Architecture Center, its identity services engine, its Unified Customer Voice Portal, Unified Communications products and AnyConnect Security Mobility Client.


News URL

https://threatpost.com/cisco-warns-high-severity-bug-small-business-switch/157090/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751