Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
- Cisco Meeting Server Client Authentication Bypass Vulnerability [cisco-sa-20161012-msc (link is external)]
- Cisco Wide Area Application Services Central Manager Denial of Service Vulnerability [cisco-sa-20161012-waas (link is external)]
- Cisco Unified Communications Manager iFrame Data Clickjacking Vulnerability [cisco-sa-20161012-ucm (link is external)]
- Cisco Prime Infrastructure and Evolved Programmable Network Manager Database Interface SQL Injection Vulnerability [cisco-sa-20161012-prime (link is external)]
- Cisco Finesse Cross-Site Request Forgery Vulnerability [cisco-sa-20161012-fin (link is external)]
- Cisco cBR-8 Converged Broadband Router vty Integrity Vulnerability [cisco-sa-20161012-cbr-8 (link is external)]