Skip to main content

Cisco Products Multiple Vulnerabilities

Release Date: 27 Sep 2024 2499 Views

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities were identified in Cisco products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, sensitive information disclosure, data manipulation, cross-site scripting and security restriction bypass on the targeted system.


Impact

  • Denial of Service
  • Remote Code Execution
  • Security Restriction Bypass
  • Elevation of Privilege
  • Cross-Site Scripting
  • Information Disclosure
  • Data Manipulation

System / Technologies affected

  • 1000 Series Integrated Services Routers (ISRs) running a vulnerable release of Cisco IOS XE Software
  • 1000 Series Integrated Services Routers (ISRs) running a vulnerable release of Cisco UTD Snort IPS Engine for Cisco IOS XE Software
  • 4000 Series ISRs running a vulnerable release of Cisco UTD Snort IPS Engine for Cisco IOS XE Software
  • Catalyst 8000v Edge Software running a vulnerable release of Cisco IOS XE Software
  • Catalyst 8000V Edge Software running a vulnerable release of Cisco UTD Snort IPS Engine for Cisco IOS XE Software
  • Catalyst 8200 Series Edge Platforms running a vulnerable release of Cisco IOS XE Software
  • Catalyst 8200 Series Edge Platforms running a vulnerable release of Cisco UTD Snort IPS Engine for Cisco IOS XE Software
  • Catalyst 8300 Series Edge Platforms running a vulnerable release of Cisco IOS XE Software
  • Catalyst 8300 Series Edge Platforms running a vulnerable release of Cisco UTD Snort IPS Engine for Cisco IOS XE Software
  • Catalyst 8500L Edge Platforms running a vulnerable release of Cisco IOS XE Software
  • Catalyst 8500L Series Edge Platforms running a vulnerable release of Cisco UTD Snort IPS Engine for Cisco IOS XE Software
  • Catalyst 9300X Series Switches running a vulnerable release of Cisco IOS XE Software
  • Catalyst 9400X Supervisor Engines running a vulnerable release of Cisco IOS XE Software
  • Catalyst 9500X Series Switches running a vulnerable release of Cisco IOS XE Software
  • Catalyst 9600 Series Switches running a vulnerable release of Cisco IOS XE Software
  • Catalyst 9800 Embedded Wireless Controllers for Catalyst 9300, 9400, and 9500 Series Switches running a vulnerable release of Cisco IOS XE Software
  • Catalyst 9800 Series Wireless Controllers running a vulnerable release of Cisco IOS XE Software
  • Catalyst 9800-CL Wireless Controllers for Cloud running a vulnerable release of Cisco IOS XE Software
  • Catalyst IR8300 Rugged Series Routers running a vulnerable release of Cisco IOS XE Software
  • Catalyst IR8300 Rugged Series Routers running a vulnerable release of Cisco UTD Snort IPS Engine for Cisco IOS XE Software
  • Cisco ASR 1000 Series Aggregation Services Routers running Cisco IOS XE Software Release 17.12.1 or 17.12.1a.
  • Cisco Catalyst Center
  • Cisco Catalyst SD-WAN Manager
  • Cisco cBR-8 Converged Broadband Routers running Cisco IOS XE Software Release 17.12.1 or 17.12.1a.
  • Cisco IOS and IOS XE Software
  • Crosswork NSO
  • Embedded Wireless Controllers on Catalyst Access Points running a vulnerable release of Cisco IOS XE Software
  • Industrial Ethernet 4000 Series Switches running Cisco IOS Software Release 15.2(8)E2 or later
  • Industrial Ethernet 4010 Series Switches running Cisco IOS Software Release 15.2(8)E2 or later
  • Industrial Ethernet 5000 Series Switches running Cisco IOS Software Release 15.2(8)E2 or later
  • Optical Site Manager
  • RV340 Dual WAN Gigabit VPN Routers
  • SD-WAN vEdge Cloud Routers
  • SD-WAN vEdge Routers

 

Please refer to the link below for detail:


Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:


Vulnerability Identifier


Source


Related Link