Mit einer gesammelten Veröffentlichung von Updates patcht Cisco gleich mehrere Sicherheitslücken in Cisco IOS und IOS XE (beides Betriebssysteme für Router und Switches). Es sind über 20 Advisories, 3 davon wurden als kritisch eingestuft.
Im Cisco Security Advisory Portal findet man eine Übersicht und weitere Informationen zu den Updates. Hier die Zusammenfassung:
- Cisco IOS Software Simple Network Management Protocol GET MIB Object ID Denial of Service Vulnerability
- Cisco IOS XE Software Web UI Remote Access Privilege Escalation Vulnerability
- Cisco IOS XE Software Zone-Based Firewall IP Fragmentation Denial of Service Vulnerability
- Cisco IOS and IOS XE Software Internet Key Exchange Memory Leak Vulnerability
- Cisco IOS XE Software for Cisco Catalyst Switches IPv4 Denial of Service Vulnerability
- Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability
- Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability (CRITICAL)
- Cisco IOS and IOS XE Software Bidirectional Forwarding Detection Denial of Service Vulnerability
- Cisco IOS XE Software Internet Group Management Protocol Memory Leak Vulnerability
- Cisco IOS XE Software User EXEC Mode Root Shell Access Vulnerabilities
- Cisco IOS and IOS XE Software Quality of Service Remote Code Execution Vulnerability (CRITICAL)
- Cisco IOS, IOS XE, and IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities
- Cisco IOS XE Software with Cisco Umbrella Integration Denial of Service Vulnerability
- Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Denial of Service Vulnerability
- Cisco IOS XE Software Simple Network Management Protocol Double-Free Denial of Service Vulnerability
- Cisco IOS Software Integrated Services Module for VPN Denial of Service Vulnerability
- Cisco IOS XE Software Static Credential Vulnerability (CRITICAL)
- Cisco IOS and IOS XE Software DHCP Version 4 Relay Heap Overflow Denial of Service Vulnerability
- Cisco IOS and IOS XE Software DHCP Version 4 Relay Reply Denial of Service Vulnerability
Cisco IOS and IOS XE Software DHCP Version 4 Relay Denial of Service Vulnerability
Bernhard Hörl 