Cisco Released Critical Security Updates for Vulnerabilities that Affected Cisco Products

Cisco Released critical Security Updates for many of its product where they addressed 27 new vulnerabilities which categorized under Critical, High and Medium.

Some of the critical Vulnerabilities allows a remote attacker could exploit one of these vulnerabilities to take control of an affected system.

Security updates released with fixes of 4 Vulnerabilities under “Critical” category, 9 vulnerabilities fixed under “High” Impact Catagory and the remaining 14 vulnerabilities are addressed under “Medium” severity.

In this case, 2 Cisco products(Cisco Finesse, Cisco Unified Contact Center Express) contains multiple vulnerabilities that fixed under “Medium” severity.

Cisco does not provide vulnerability details that could enable someone to craft an exploit and the fixed vulnerabilities are affected directly by the Cisco products.

Cisco Released Critical Security updates

Critical Severity Vulnerabilities

High Severity Vulnerabilities

Cisco Webex Network Recording Players Remote Code Execution Vulnerabilities High CVE-2018-0379 2018 Jul 18 1.0	Cisco Webex Network Recording Players Remote Code Execution Vulnerabilities	High	CVE-2018-0379	2018 Jul 18	1.0
Cisco Webex Network Recording Players Remote Code Execution Vulnerabilities	High	CVE-2018-0379	2018 Jul 18	1.0
Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability High CVE-2018-0349 2018 Jul 18 1.0	Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability	High	CVE-2018-0349	2018 Jul 18	1.0
Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability	High	CVE-2018-0349	2018 Jul 18	1.0
Cisco SD-WAN Solution Zero Touch Provisioning Denial of Service Vulnerability High CVE-2018-0346 2018 Jul 18 1.0	Cisco SD-WAN Solution Zero Touch Provisioning Denial of Service Vulnerability	High	CVE-2018-0346	2018 Jul 18	1.0
Cisco SD-WAN Solution Zero Touch Provisioning Denial of Service Vulnerability	High	CVE-2018-0346	2018 Jul 18	1.0
Cisco SD-WAN Solution Configuration and Management Database Remote Code Execution Vulnerability High CVE-2018-0345 2018 Jul 18 1.0	Cisco SD-WAN Solution Configuration and Management Database Remote Code Execution Vulnerability	High	CVE-2018-0345	2018 Jul 18	1.0
Cisco SD-WAN Solution Configuration and Management Database Remote Code Execution Vulnerability	High	CVE-2018-0345	2018 Jul 18	1.0
Cisco SD-WAN Solution Command Injection Vulnerability High CVE-2018-0351 2018 Jul 18 1.0	Cisco SD-WAN Solution Command Injection Vulnerability	High	CVE-2018-0351	2018 Jul 18	1.0
Cisco SD-WAN Solution Command Injection Vulnerability	High	CVE-2018-0351	2018 Jul 18	1.0
Cisco SD-WAN Solution CLI Command Injection Vulnerability High CVE-2018-0348 2018 Jul 18 1.0	Cisco SD-WAN Solution CLI Command Injection Vulnerability	High	CVE-2018-0348	2018 Jul 18	1.0
Cisco SD-WAN Solution CLI Command Injection Vulnerability	High	CVE-2018-0348	2018 Jul 18	1.0
Cisco SD-WAN Solution VPN Subsystem Command Injection Vulnerability High CVE-2018-0350 2018 Jul 18 1.0	Cisco SD-WAN Solution VPN Subsystem Command Injection Vulnerability	High	CVE-2018-0350	2018 Jul 18	1.0
Cisco SD-WAN Solution VPN Subsystem Command Injection Vulnerability	High	CVE-2018-0350	2018 Jul 18	1.0
Cisco SD-WAN Solution Zero Touch Provisioning Command Injection Vulnerability High CVE-2018-0347 2018 Jul 18 1.0	Cisco SD-WAN Solution Zero Touch Provisioning Command Injection Vulnerability	High	CVE-2018-0347	2018 Jul 18	1.0
Cisco SD-WAN Solution Zero Touch Provisioning Command Injection Vulnerability	High	CVE-2018-0347	2018 Jul 18	1.0
Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode DHCP Version 6 Denial of Service Vulnerability High CVE-2018-0372 2018 Jul 18 1.0	Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode DHCP Version 6 Denial of Service Vulnerability	High	CVE-2018-0372	2018 Jul 18	1.0
Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode DHCP Version 6 Denial of Service Vulnerability	High	CVE-2018-0372	2018 Jul 18	1.0

High Severity Vulnerabilities

Cisco Webex Teams Remote Code Execution Vulnerability Medium CVE-2018-0387 2018 Jul 18 1.0	Cisco Webex Teams Remote Code Execution Vulnerability	Medium	CVE-2018-0387	2018 Jul 18	1.0
Cisco Webex Teams Remote Code Execution Vulnerability	Medium	CVE-2018-0387	2018 Jul 18	1.0
Cisco Webex Network Recording Players Denial of Service Vulnerabilities Medium CVE-2018-0380 2018 Jul 18 1.0	Cisco Webex Network Recording Players Denial of Service Vulnerabilities	Medium	CVE-2018-0380	2018 Jul 18	1.0
Cisco Webex Network Recording Players Denial of Service Vulnerabilities	Medium	CVE-2018-0380	2018 Jul 18	1.0
Cisco Webex DOM-Based Cross-Site Scripting Vulnerability Medium CVE-2018-0390 2018 Jul 18 1.0	Cisco Webex DOM-Based Cross-Site Scripting Vulnerability	Medium	CVE-2018-0390	2018 Jul 18	1.0
Cisco Webex DOM-Based Cross-Site Scripting Vulnerability	Medium	CVE-2018-0390	2018 Jul 18	1.0
Cisco Unified Communications Manager IM And Presence Service Cross-Site Scripting Vulnerability Medium CVE-2018-0396 2018 Jul 18 1.0	Cisco Unified Communications Manager IM And Presence Service Cross-Site Scripting Vulnerability	Medium	CVE-2018-0396	2018 Jul 18	1.0
Cisco Unified Communications Manager IM And Presence Service Cross-Site Scripting Vulnerability	Medium	CVE-2018-0396	2018 Jul 18	1.0
Multiple Vulnerabilities in Cisco Unified Contact Center Express Medium CVE-2018-0400 CVE-2018-0401 … 2018 Jul 18 1.0	Multiple Vulnerabilities in Cisco Unified Contact Center Express	Medium	CVE-2018-0400 CVE-2018-0401 …	2018 Jul 18	1.0
Multiple Vulnerabilities in Cisco Unified Contact Center Express	Medium	CVE-2018-0400 CVE-2018-0401 …	2018 Jul 18	1.0
Cisco SD-WAN Solution Remote Code Execution Vulnerability Medium CVE-2018-0343 2018 Jul 18 1.0	Cisco SD-WAN Solution Remote Code Execution Vulnerability	Medium	CVE-2018-0343	2018 Jul 18	1.0
Cisco SD-WAN Solution Remote Code Execution Vulnerability	Medium	CVE-2018-0343	2018 Jul 18	1.0
Cisco SD-WAN Solution Command Injection Vulnerability Medium CVE-2018-0344 2018 Jul 18 1.0	Cisco SD-WAN Solution Command Injection Vulnerability	Medium	CVE-2018-0344	2018 Jul 18	1.0
Cisco SD-WAN Solution Command Injection Vulnerability	Medium	CVE-2018-0344	2018 Jul 18	1.0
Cisco SD-WAN Solution Local Buffer Overflow Vulnerability Medium CVE-2018-0342 2018 Jul 18 1.0	Cisco SD-WAN Solution Local Buffer Overflow Vulnerability	Medium	CVE-2018-0342	2018 Jul 18	1.0
Cisco SD-WAN Solution Local Buffer Overflow Vulnerability	Medium	CVE-2018-0342	2018 Jul 18	1.0
Cisco Policy Suite World-Readable Sensitive Data Vulnerability Medium CVE-2018-0392 2018 Jul 18 1.0	Cisco Policy Suite World-Readable Sensitive Data Vulnerability	Medium	CVE-2018-0392	2018 Jul 18	1.0
Cisco Policy Suite World-Readable Sensitive Data Vulnerability	Medium	CVE-2018-0392	2018 Jul 18	1.0
Cisco Policy Suite Read-Only User Effect Change Vulnerability Medium CVE-2018-0393 2018 Jul 18 1.0	Cisco Policy Suite Read-Only User Effect Change Vulnerability	Medium	CVE-2018-0393	2018 Jul 18	1.0
Cisco Policy Suite Read-Only User Effect Change Vulnerability	Medium	CVE-2018-0393	2018 Jul 18	1.0
Multiple Vulnerabilities in Cisco Finesse Medium CVE-2018-0398 CVE-2018-0399 2018 Jul 18 1.0	Multiple Vulnerabilities in Cisco Finesse	Medium	CVE-2018-0398 CVE-2018-0399	2018 Jul 18	1.0
Multiple Vulnerabilities in Cisco Finesse	Medium	CVE-2018-0398 CVE-2018-0399	2018 Jul 18	1.0
Medium CVE-2018-0394 2018 Jul 18 1.0		Medium	CVE-2018-0394	2018 Jul 18	1.0
	Medium	CVE-2018-0394	2018 Jul 18	1.0

With the last security update, Cisco fixed 8 vulnerabilities that affected various Cisco products and one of those flaws allow remote attackers to execute the arbitrary code and taking the system control.

Also Read

Oracle Releases Critical Patch Update that Covers 334 Vulnerabilities Across All the Products

Debian 9.5 Released With Fix for Spectre v2 and Other Security Issues

Cisco Released Security Updates and Fixed Critical Vulnerabilities that Affected Cisco Products