Alertas de seguridad

Notificación de nuevas amenazas detectadas a nivel global, bien sea por entidades independientes, fabricantes, gremios, o investigación propia CSIRT.

Cisco lanza actualizaciones de seguridad

  • Publicado: 01/05/2019
  • Importancia: Alta

Recursos afectados

Cisco lanza varias actualizaciones de seguridad en varios de sus productos.

Productos afectados:

  • Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability - CVE-2019-1804.
  • Cisco Web Security Appliance Privilege Escalation Vulnerability - CVE-2019-1816
  • Cisco Web Security Appliance Malformed Request Denial of Service Vulnerability -CVE-2019-1817
  • Cisco Umbrella Dashboard Session Management Vulnerability - CVE-2019-1807
  • Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability - CVE-2018-15388
  • Cisco Small Business Switches Secure Shell Certificate Authentication Bypass Vulnerability - CVE-2019-1859
  • Cisco Small Business RV320 and RV325 Routers Session Hijacking Vulnerability -CVE-2019-1724
  • Cisco IP Phone 7800 Series and 8800 Series Session Initiation Protocol XML Denial of Service Vulnerability -CVE-2019-1635
  • Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Root Privilege Escalation Vulnerability -CVE-2019-1803 
  • Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities -CVE-2019-1696 -CVE-2019-1704
  • Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability -CVE-2019-1703
  • Cisco Firepower Threat Defense Software TCP Ingress Handler Denial of Service Vulnerability - CVE-2018-15462 
  • Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software VPN SAML Authentication Bypass Vulnerability - CVE-2019-1714 
  • Cisco Adaptive Security Appliance Software IPsec Denial of Service Vulnerability -CVE-2019-1706 
  • Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software MOBIKE Denial of Service Vulnerability -CVE-2019-1708 
  • Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability - CVE-2019-1715
  • Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability- CVE-2019-1693 
  • Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software TCP Timer Handling Denial of Service Vulnerability -CVE-2019-1694 
  • Cisco Adaptive Security Appliance Software Cross-Site Request Forgery Vulnerability -CVE-2019-1713 
  • Cisco Application Policy Infrastructure Controller Privilege Escalation Vulnerability -CVE-2019-1682 
  • Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Insecure Fabric Authentication Vulnerability -CVE-2019-1590 
  • Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Privilege Escalation Vulnerability -CVE-2019-1592 
  • Cisco Adaptive Security Appliance Software Privilege Escalation Vulnerability -CVE-2018-15465
  • Cisco Adaptive Security Appliance Software VPN Denial of Service Vulnerability- CVE-2019-1705 
  • Cisco Prime Network Registrar Cross-Site Scripting Vulnerability -CVE-2019-1852
  • Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability -CVE-2019-1856
  • Cisco HyperFlex HX-Series Web-Based Management Interface Cross-Site Request Forgery Vulnerability -CVE-2019-1857
  • Cisco Firepower Threat Defense Software Command Injection Vulnerability -CVE-2019-1699 
  • Cisco Firepower Threat Defense Software Command Injection Vulnerability -CVE-2019-1709 
  • Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Symbolic Link Path Traversal Vulnerability -CVE-2019-1836
  • Cisco Expressway Series Directory Traversal Vulnerability -CVE-2019-1854 
  • Cisco Email Security Appliance Filter Bypass Vulnerability -CVE-2019-1844 
  • Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability -CVE-2019-1687 
  • Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Lightweight Directory Access Protocol Denial of Service Vulnerability -CVE-2019-1697
  • Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerabilities -CVE-2019-1701 
  • Cisco Adaptive Security Appliance and Firepower Threat Defense Software Layer 2 Filtering Bypass Vulnerability -CVE-2019-1695
  • Cisco Application Policy Infrastructure Controller Web-Based Management Interface Cross-Site Scripting Vulnerability -CVE-2019-1838 
  • Cisco Application Policy Infrastructure Controller Web-Based Management Interface Usage Information Disclosure Vulnerability -CVE-2019-1692 
  • Cisco Application Policy Infrastructure Controller Recoverable Encryption Key Vulnerability -CVE-2019-1586 
  • Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Unmeasured Boot Vulnerability -CVE-2019-1589

Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Filter Query Information Disclosure Vulnerability -CVE-2019-1587

Etiquetas