Security News > 2021 > January > Cisco Patches Critical Vulnerabilities in SD-WAN, DNA Center, SSMS Products
Cisco this week released patches to address a significant number of vulnerabilities across its product portfolio, including several critical flaws in SD-WAN products, DNA Center, and Smart Software Manager Satellite.
Several command injection bugs addressed in SD-WAN products could allow an attacker to perform actions as root on the affected devices, the most important of which is rated critical severity, featuring a CVSS score of 9.9.
A critical vulnerability addressed in DNA Center could be exploited to perform command injection attacks.
Cisco DNA Center releases prior to version 1.3.1.0 are affected.
Cisco Smart Software Manager On-Prem releases 6.3.0 and later contain fixes for all of these flaws.
This week, the company also released patches for multiple other high- and medium-severity flaws in SD-WAN, DNA Center, Data Center Network Manager, SSMS, Advanced Malware Protection for Endpoints for Windows and Immunet for Windows, Web Security Appliance, Umbrella, Unified Communications products, Elastic Services Controller, Email Security Appliance, Content Security Management Appliance, and StarOS. Information on all of the addressed vulnerabilities can be found on Cisco's security portal.
News URL
Related news
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- Cisco scores a perfect CVSS 10 with critical flaw in its wireless system (source)
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- Critical vulnerabilities persist in high-risk sectors (source)
- Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities (source)
- CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List (source)