Severity Level: High
Title:
Cisco Security Advisories
Summary:
Below is the list of Cisco Security Advisories published by Cisco PSIRT
The following PSIRT security advisories (2 High, 1 Medium) were published Vulnerabilities Details:
1.Cisco Meraki MX and Z Series AnyConnect VPN Denial of Service Vulnerability – SIR :
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series devices could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the Cisco AnyConnect service on an affected device. To exploit this vulnerability, the attacker must have valid VPN user credentials on the affected device.
2. Cisco Enterprise Chat and Email Denial of Service Vulnerability:
A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
3. Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow a remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected system.
Recommendations:
Customers are advised to upgrade to an appropriate fixed software release
References:
click here
click here
click here