Cisco Releases security updates

Number: AV17-054
Date: 20 April 2017

Purpose

The purpose of this advisory is to bring attention to multiple Cisco security advisories.

Assessment

Cisco released multiple security updates to address vulnerabilities in the following products.

  • Cisco Unified Communications Manager Denial of Service Vulnerability
  • Cisco Firepower Detection Engine Pragmatic General Multicast Protocol Decoding Denial of Service Vulnerability
  • Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities
  • Cisco ASA Software Internet Key Exchange Version 1 XAUTH Denial of Service Vulnerability
  • Cisco ASA Software SSL/TLS Denial of Service Vulnerability
  • Cisco ASA Software IPsec Denial of Service Vulnerability
  • Cisco ASA Software DNS Denial of Service Vulnerability.

CVE References:

Critical: CVE-2017-5638

High: CVE-2017-3860, CVE-2017-3861, CVE-2017-3862, CVE-2017-3863, CVE-2017-3808, CVE-2016-6368, CVE-2017-6607, CVE-2017-6608, CVE-2017-6609, CVE-2017-6610

Suggested Action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References:

https://tools.cisco.com/security/center/publicationListing.x

Date modified: