TTCSIRT-228.092719: TT-CSIRT ADVISORY – CISCO SECURITY UPDATES

TTCSIRT-228.092719: TT-CSIRT ADVISORY – CISCO SECURITY UPDATES

CRITICAL

1) CVE-2018-0296 – Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability

2) CVE-2019-1620 – Cisco Data Center Network Manager Arbitrary File Upload and Remote Code Execution Vulnerability

3) CVE-2019-1619 – Cisco Data Center Network Manager Authentication Bypass Vulnerability

HIGH

1) CVE-2019-1901 – Cisco Nexus 9000 Series ACI Mode Switch Software Link Layer Discovery Protocol Buffer Overflow Vulnerability

2) CVE-2019-12646 – Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability

3) CVE-2019-12652 – Cisco Catalyst 4000 Series Switches TCP Denial of Service Vulnerability

4) CVE-2019-12648 – Cisco IOx for IOS Software Guest Operating System Unauthorized Access Vulnerability

5) CVE-2019-12650 & CVE-2019-12651 – Cisco IOS XE Software Web UI Command Injection Vulnerabilities

6) CVE-2019-12654 – Cisco IOS and IOS XE Software Session Initiation Protocol Denial of Service Vulnerability

7) CVE-2019-12653 – Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability

8) CVE-2019-12658 – Cisco IOS XE Software Filesystem Exhaustion Denial of Service Vulnerability

9) CVE-2019-12656 – Cisco IOx Application Environment Denial of Service Vulnerability

10) CVE-2019-12655 – Cisco IOS XE Software FTP Application Layer Gateway for NAT, NAT64, and ZBFW Denial of Service Vulnerability

11) CVE-2019-12657 – Cisco IOS XE Software Unified Threat Defense Denial of Service Vulnerability

12) CVE-2019-12649 – Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability

13) CVE-2019-12647 – Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability

14) CVE-2019-1621 – Cisco Data Center Network Manager Arbitrary File Download Vulnerability

15) CVE-2018-15459 – Cisco Identity Services Engine Privilege Escalation Vulnerability