CIRT.GY | Release Security Updates for Multiple Products (A

Release Security Updates for Multiple Products (August 22, 2019)

Ref# Cisco | Date: Aug 26th 2019

Description

The Cisco Corporation has recently released security updates for vulnerabilities in CISCO Integrated Management Controller (IMC) Supervisor, Unified Computing System (UCS) Director, and UCS Director Express for Big Data. It is recommended that you take the necessary precautions by ensuring your products are always updated.

Cisco Advisories:

Authentication Bypass Vulnerability in IMC Supervisor, UCS Director, and UCS Director Express for Big Data release

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imcs-ucs-authby

Authentication Bypass Vulnerability in IMC Supervisor, UCS Director, and UCS Director Express for Big Data release

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imcs-ucs- authbypass

Secure Copy (SCP) User Default Credentials Vulnerability in IMC Supervisor, UCS Director, and UCS Director Express for Big Data releases

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imcs-usercred

Application Programming Interface (API) Authentication Bypass Vulnerability in UCS Director and UCS Director Express for Big Data releases https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-ucsd-authbypass

The Guyana National CIRT recommends users and administration to review these updates and to apply them where necessary

Reference

Cisco Release Security Updates for Multiple Products (US-Cert)

https://www.us-cert.gov/ncas/current-activity/2019/08/22/cisco-releases-security-updates