Release Security Updates for Multiple Products (March 27, 2019)

Ref# Cisco | Date: Apr 24th 2019

Great news Cisco users, the Cisco Corporation has recently released security updates to address vulnerabilities in multiple Cisco products. It is recommended to take the necessary precautions by ensuring your products are always updated to avoid remote attackers from exploiting one of these vulnerabilities by taking control of an affected system.

Critical

  • Cisco WebEx Browser Extension Remote Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex

High

  • Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info

  • Cisco Small Business RV320 and RV325 Routers Command Injection Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-inject

  • Cisco IOS XE Software Information Disclosure Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-xeid

  • Cisco IOS XE Software Command Injection Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-xecmd

  • Cisco IOS and IOS XE Software Short Message Service Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-sms-dos

  • Cisco Aggregation Services Router 900 Route Switch Processor 3 OSPFv2 Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-rsp3-ospf

  • Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-pnp-cert

  • Cisco IOS and IOS XE Software Network-Based Application Recognition Denial of Service Vulnerabilities

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-nbar

  • Cisco IOS Software NAT64 Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-nat64

  • Cisco IOS and IOS XE Software ISDN Interface Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-isdn

  • Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ipsla-dos

  • Cisco IOS XE Software Privilege Escalation Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-iosxe-privesc

  • Cisco IOS XE Software Privilege Escalation Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-iosxe-pe

  • Cisco IOS XE Software Command Injection Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-iosxe-cmdinject

  • Cisco IOS XE Software Command Injection Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-iosxe-cmdinj

  • Cisco IOS XE Software Catalyst 4500 Cisco Discovery Protocol Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-evss

  • Cisco IOS XE Software Encrypted Traffic Analytics Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-eta-dos

  • Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-cmp-dos

The Guyana National CIRT recommends users and administration to review these updates and to apply them where necessary.

Reference

  • Cisco Release Security updates for multiple products (US-Cert)

https://tools.cisco.com/security/center/publicationListing.x