Cisco Releases Security Updates

Description:

Cisco has released security updates to address vulnerabilities in multiple Cisco products. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user.

Impact: A remote attacker could exploit this vulnerability to take control of an affected system.

Mitigation: Updates are available. Please see the references or vendor advisory for more information.

Reference URL’s:

• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-wmda-cmdinj