Issued: Thursday, 17 June, 2021 |
Last Revision: Thursday, 17 June, 2021 |
Vendor: |
Product: |
Severity Level: |
Summary:
Cisco has released security updates for multiple products. An attacker could exploit some of these vulnerabilities and perform Remote Code Execution (RCE).
This collection of security updates addresses vulnerabilities in different products and includes fixes for four high severity flaws in the following products.
Product:
- Cisco Small Business 220 Series Smart Switches Vulnerabilities (CVE-2021-1543, CVE-2021-1542, CVE-2021-1541, CVE-2021-1571)
- Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability (CVE-2021-1567)
- Cisco Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vulnerability (CVE-2021-1566)
- Cisco DNA Center Certificate Validation Vulnerability (CVE-2021-1134)
The security updates below include fixes for four medium severity vulnerabilities.
Product:
- Cisco Jabber Desktop and Mobile Client Software Vulnerabilities (CVE-2021-1569, CVE-2021-1570)
- Cisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability (CVE-2021-1568)
- Cisco Unified Intelligence Center Reflected Cross-Site Scripting Vulnerability (CVE-2021-1395)
- Cisco Meeting Server API Denial of Service Vulnerability (CVE-2021-1524)
Recommendation:
It is recommended to apply these security updates as soon as possible to prevent vulnerability exploitation and potential security incidents. Please visit the link below for official information from the vendor: