To Customer Support To Customer Support

Cisco Warning of Vulnerabilities in Routers, Data Center Platforms

  • 9 December 2015
  • 4 replies
  • 153 views
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54
by Chris Brook December 9, 2015
 
                                            



Cisco is warning users this week that several of its products — routers, gateways, and data center platforms — suffer from vulnerabilities.

The company published five advisories across Monday and Tuesday warning of the issues — all which are being marked “medium” severity.

While they all sound pressing, the most concerning vulnerability, at least as far as CVSS scores go, is an access vulnerability (6.5) in the web interface of its Prime Service Catalog.
 
Full Article

4 replies

Ssherjj
Rank
Userlevel 7
Badge +62
Did I read this correct;ly? No updates or work arounds because no body is using this vulnerability?
Windows Insider, iMac 2021 27 in i5 Retina 5, iMac OS Sonoma (14.3.1}, Security: iPads, W 10 & (VM:15), ALIENWARE 17R4, W10 Workstation, ALIENWARE 15 R6, W11, Webroot® SecureAnywhere™ Internet Security Complete (Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester. Security
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54
@ wrote:
Did I read this correct;ly? No updates or work arounds because no body is using this vulnerability?
"but also adds that it’s not aware of anyone leveraging the vulnerabilities to carry out malicious attacks on systems."
 
Nobody is actually using the vulnerabilities to carry out attacks, well not yet anyway.
R
Rank
Userlevel 7
Does not make sense?? Marked medium severity, and nothing is being done to plug the exploit??
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54

Huge number of vulnerable products

 
                                  


 
10 Dec 2015 at 02:56, Richard Chirgwin
 
November's high-profile Java deserialisation bug has bitten Cisco, with the company announcing vulnerabilities across the board in its huge product line.
 
The problem is so pervasive that it reaches into the most trivial activities of the sysadmin, such as serial number assessment services.
 
The original advisory made by FoxGlove Security focussed on the Apache Commons Collections (ACCs), but a few days ago, SourceClear warned that it appeared in a lot more libraries than originally believed.
 
Full Article

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.