CIRT.GY | Releases Security Updates for Multiple Products (

Releases Security Updates for Multiple Products (June 5, 2019)

Ref# Cisco | Date: Jun 7th 2019

Description

The Cisco Corporation has recently released security updates to address vulnerabilities in multiple cisco products. It is recommended that you take the necessary precautions by ensuring your products are always updated.

High

Industrial Network Director Remote Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-ind-rce

Unified Communications Manager IM&P Service, Cisco TelePresence VCS, and Cisco Expressway Series Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-cucm-imp-dos

Medium

Webex Meetings Server Information Disclosure Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-webexmeetings-id

TelePresence Video Communication Server and Cisco Expressway Series Server-Side Request Forgery Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-vcs

Unified Computing System BIOS Signature Bypass Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-ucs-biossig-bypass

IOS XR Software Secure Shell Authentication Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-ssh

Industrial Network Director Stored Cross-Site Scripting Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-ind-xss

Industrial Network Director Cross-Site Request Forgery Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-ind-csrf

Enterprise Chat and Email Cross-Site Scripting Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-ece-xss

The Guyana National CIRT recommends users and administration to review these updates and to apply them where necessary.

Reference

Cisco Releases Security Updates for Multiple Products (US-Cert)

https://www.us-cert.gov/ncas/current-activity/2019/06/05/Cisco-Releases-Security-Updates-Multiple-Products