Cisco has released nine security advisories addressing multiple vulnerabilities, including one critical and two high severity advisories affecting Cisco Identity Services Engine (ISE), Cisco NX-OS, Cisco Expressway, Cisco IOS, Cisco IOS XE, Cisco IOS XR, Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance.
The critical vulnerability affects Cisco ISE and Cisco ISE Passive Identity Connector, software which facilitates endpoint management. The vulnerability could allow an authenticated, remote attacker to execute arbitrary commands and elevate privileges on an affected device, provided that the attacker has valid read-only administrative credentials.
Read more…
Source: NHS digital
Related:
- Cisco Warns of Critical Vulnerability Revealed in ‘Vault 7’ Data Dump
March 20, 2017
Cisco Systems warned customers on Friday of a critical vulnerability that could allow an attacker to execute arbitrary code and obtain full control on more than 300 different models of its switches and routers. Cisco said it became aware of the vulnerability after WikiLeaks released its Vault 7 cache of documents that revealed the existence ...

