HKCert
HKCERT logo Hong Kong Computer Emergency Response Team Coordination Centre

HKCERT logo Hong Kong Computer Emergency Response Team Coordination Centre

  

Cisco Products Multiple Vulnerabilities

Release Date: 21 / 07 / 2020
Last Update: 24 / 07 / 2020
Risk Level:  


Multiple vulnerabilities were identified in Cisco products, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and sensitive information disclosure on the targeted system.

 

Notes: No patch is currently available.

 

[Updated on 2020-07-24]

Note: Patch is currently available. The risk level was decreased to medium risk correspondingly.

  • Denial of Service
  • Remote Code Execution
  • Information Disclosure
  • Cisco ASR 5000
  • Cisco ASR 5500
  • Cisco Virtual Packet Core

 

Please refer to the link below for detail:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

  • Cisco ASR 5000 21.5.27
  • Cisco ASR 5500 21.5.27
  • Cisco ASR 5500 21.11.15
  • Cisco ASR 5500 21.14.22
  • Cisco ASR 5500 21.20.2
  • Cisco Virtual Packet Core 21.5.27
  • Cisco Virtual Packet Core 21.11.15
  • Cisco Virtual Packet Core 21.14.22
  • Cisco Virtual Packet Core 21.20.2

 

Please refer to the link below for detail:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC