Skip to main content

Cisco Products Multiple Vulnerabilities

Release Date: 19 Aug 2021 2915 Views

RISK: High Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities were identified in Cisco Products, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure, data manipulation and security restriction bypass on the targeted system.

 

Notes:

  • Proof Of Concept Exploit Code Is Publicly Available for CVE-2021-34749

Impact

  • Data Manipulation
  • Security Restriction Bypass
  • Information Disclosure
  • Denial of Service

System / Technologies affected

  • Cisco Secure Email and Web Manager
  • Cisco Web Security Appliance (WSA)
  • Cisco Firepower Threat Defense (FTD)
  • Snort detection engine
  • Cisco 3000 Series Industrial Security Appliances (ISAs)
  • Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers

 

Please refer to the link below for detail:


Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

 

Notes: No patch is available for Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers. (Have entered the end-of-life process) User should replace the affected product as soon as possible.

 

Workaround: disable the affected feature. For detail, please refer to the link below:


Vulnerability Identifier


Source


Related Link