Security News > 2021 > January > Cisco Patches Critical Vulnerabilities in SD-WAN, DNA Center, SSMS Products
Cisco this week released patches to address a significant number of vulnerabilities across its product portfolio, including several critical flaws in SD-WAN products, DNA Center, and Smart Software Manager Satellite.
Several command injection bugs addressed in SD-WAN products could allow an attacker to perform actions as root on the affected devices, the most important of which is rated critical severity, featuring a CVSS score of 9.9.
A critical vulnerability addressed in DNA Center could be exploited to perform command injection attacks.
Cisco DNA Center releases prior to version 1.3.1.0 are affected.
Cisco Smart Software Manager On-Prem releases 6.3.0 and later contain fixes for all of these flaws.
This week, the company also released patches for multiple other high- and medium-severity flaws in SD-WAN, DNA Center, Data Center Network Manager, SSMS, Advanced Malware Protection for Endpoints for Windows and Immunet for Windows, Web Security Appliance, Umbrella, Unified Communications products, Elastic Services Controller, Email Security Appliance, Content Security Management Appliance, and StarOS. Information on all of the addressed vulnerabilities can be found on Cisco's security portal.
News URL
Related news
- Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847) (source)
- Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited (source)
- CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches (source)
- Exploited: Cisco, SharePoint, Chrome vulnerabilities (source)