Security Alert (A24-01-23): Multiple Vulnerabilities in Cisco Products


 

Published on: 25 January 2024

  
  

Description:

Cisco released security advisories to address multiple vulnerabilities in Cisco products. For information about the vulnerabilities, please refer to the corresponding security advisories at the vendor's website.

 

Affected Systems:

  • Cisco Small Business Series Switches
  • Cisco Unified Communications
  • Cisco Unified Contact Center Solutions
  • Cisco Unity Connection

For detailed information of the affected products, please refer to the section "Affected Products" of corresponding security advisory at vendor's website.

 

Impact:

Successful exploitation of the vulnerabilities could lead to remote code execution, security restriction bypass or spoofing of affected system.

 

Recommendation:

Patches for affected systems are now available. System administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk. For detailed information of the available patches, please refer to the section "Fixed Software" of corresponding security advisory at vendor's website.

System administrators should contact their product support vendors for the fixes and assistance.

 

More Information:

  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuc-xss-9TFuu5MS
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-bus-acl-bypass-5zn9hNJk
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20253
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20263
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20305


Tag: Cisco , Cisco Small Business Switches , Cisco Unified Communications , Cisco Unified Contact Center , Cisco Unity Connection
Tags