Security News > 2021 > May > Cisco Patches Critical Flaws in SD-WAN, HyperFlex HX Products
Cisco on Wednesday released patches to address tens of vulnerabilities across its product portfolio, including critical flaws in SD-WAN software and the HyperFlex HX data platform.
Two critical vulnerabilities were patched in the SD-WAN vManage software, alongside three high-severity issues.
The second critical bug impacts the web-based management interface of SD-WAN vManage and could allow attackers to gain elevated privileges.
Affected products include IOS XE SD-WAN, SD-WAN vEdge routers, SD-WAN vBond Orchestrator, SD-WAN vEdge cloud routers, and SD-WAN vSmart Controller software.
On Wednesday, Cisco also announced patches for a critical flaw in the web-based management interface of the HyperFlex HX installer virtual machine, which could lead to executing commands as root.
Cisco also released fixes for various medium-severity bugs in SD-WAN and other products.
News URL
Related news
- Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9) (source)
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw (source)
- Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug in Meeting Management (source)
- Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc (source)
- Critical Cisco ISE bug can let attackers run commands as root (source)