Manoharan Mudaliar

Cyber Security Consultant

Cisco Releases Major Security Updates on Various Platform

Cisco Security Advisory team releases security updates that address a vulnerability in multiple products.

Summary

Most of the vulnerabilities in various products highlight that a remote attacker could exploit vulnerabilities to take control of the affected system.

Major Affected Software and Appliance

  • Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Packets Processing Memory Leak Vulnerability[1]
  • Cisco ASA Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability[2]
  • Cisco ASA Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability[3]
  • Cisco Adaptive Security Appliance Software Kerberos Authentication Bypass Vulnerability[4]
  • Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability[5]
  • Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability[6]
  • Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Malformed OSPF Packets Processing Denial of Service Vulnerability[7]
  • Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gateway Control Protocol Denial of Service Vulnerabilities[8]

Advisory

It is highly advised to review the Cisco Advisory for more information and apply the necessary steps.

For detailed information, please visit

  1. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv
  2. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k
  3. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB
  4. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-asa-kerberos-bypass-96Gghe2sS
  5. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43
  6. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN
  7. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-dos-RhMQY8qx
  8. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH

Reference

https://tools.cisco.com/security/center/publicationListing.x
https://www.us-cert.gov/ncas/current-activity/2020/05/07/cisco-releases-security-updates-multiple-products