Security News > 2022 > September > Cisco Releases Security Patches for New Vulnerabilities Impacting Multiple Products

Cisco Releases Security Patches for New Vulnerabilities Impacting Multiple Products
2022-09-08 03:48

Cisco on Wednesday rolled out patches to address three security flaws affecting its products, including a high-severity weakness disclosed in NVIDIA Data Plane Development Kit late last month.

Aside from CVE-2022-28199, Cisco has also resolved a vulnerability in its Cisco SD-WAN vManage Software that could "Allow an unauthenticated, adjacent attacker who has access to the VPN0 logical network to also access the messaging service ports on an affected system."

Successful exploitation of the flaw could permit the attacker to view and inject messages into the messaging service, which can cause configuration changes or cause the system to reload, Cisco said.

A third flaw remediated by Cisco is a vulnerability in the messaging interface of Cisco Webex App, which could enable an unauthenticated, remote attacker to modify links or other content and conduct phishing attacks.

Cisco credited Rex, Bruce, and Zachery from Binance Red Team for discovering and reporting the vulnerability.

"Cisco has not released and will not release software updates to address the vulnerability," it said, encouraging users to "Migrate to Cisco Small Business RV132W, RV160, or RV160W Routers."


News URL

https://thehackernews.com/2022/09/cisco-releases-security-patches-for-new.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-09-01 CVE-2022-28199 Improper Input Validation vulnerability in Nvidia Data Plane Development KIT 20.111.0.04
NVIDIA’s distribution of the Data Plane Development Kit (MLNX_DPDK) contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality.
0.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751