TTCSIRT-283.022620: TT-CSIRT ADVISORY-CISCO RELEASES SECURITY UPDATES

Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

TT-CSIRT encourages users and administrators to review the following Cisco advisories and apply the necessary updates:

• Smart Software Manager On-Prem Static Credential Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-on-prem-static-cred-sL8rDs8
• Unified Contact Center Express Privilege Escalation Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-privesc-Zd7bvwyf
• Multiple Cisco UCS-Based Products UEFI Secure Boot Bypass Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-ucs-boot-bypass
• Email Security Appliance and Content Security Management Appliance Denial-of-Service Vulnerability                             https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-esa-sma-dos

• Email Security Appliance Denial-of-Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-esa-dos
• Data Center Network Manager Privilege Escalation Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-dcnm-priv-esc
• Data Center Network Manager Cross-Site Request Forgery Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-dcnm-csrf