Serial number: AV25-388
Date: July 2, 2025
On July 2, 2025, Cisco published security advisories to address vulnerabilities in the following products:
- Cisco BroadWorks Application Delivery Platform – versions prior to RI.2025.05
- Cisco Enterprise Chat and Email – version 11 and versions prior to 12.6(1)_ES11
- Cisco Spaces Connector – versions prior to Connector 3-Jun 2025
- Cisco Unified Communications Manager – versions 15.0.1.13010-1 to 15.0.1.13017-1
- Cisco Unified Communications Manager Session Management Edition Engineering Special (ES) – versions 15.0.1.13010-1 to 15.0.1.13017-1
The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates if available.
- Cisco BroadWorks Application Delivery Platform Cross-Site Scripting Vulnerability
- Cisco Enterprise Chat and Email Stored Cross-Site Scripting Vulnerability
- Cisco Spaces Connector Privilege Escalation Vulnerability
- Cisco Unified Communications Manager Static SSH Credentials Vulnerability
- Cisco Security Advisories