Original release date: October 12, 2016
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
- Cisco Meeting Server Client Authentication Bypass Vulnerability [cisco-sa-20161012-msc]
- Cisco Wide Area Application Services Central Manager Denial of Service Vulnerability [cisco-sa-20161012-waas]
- Cisco Unified Communications Manager iFrame Data Clickjacking Vulnerability [cisco-sa-20161012-ucm]
- Cisco Prime Infrastructure and Evolved Programmable Network Manager Database Interface SQL Injection Vulnerability [cisco-sa-20161012-prime]
- Cisco Finesse Cross-Site Request Forgery Vulnerability [cisco-sa-20161012-fin]
- Cisco cBR-8 Converged Broadband Router vty Integrity Vulnerability [cisco-sa-20161012-cbr-8]
This product is provided subject to this Notification and this Privacy & Use policy.