Cisco Releases security updates

Number: AV17-017
Date: 01 February 2017

Purpose

The purpose of this advisory is to bring attention to multiple Cisco security advisories.

Assessment

Cisco released multiple security updates to address vulnerabilities (critical to medium) in the following products.

Critical:

  • Cisco Prime Home Authentication Bypass Vulnerability

Medium:

  • Cisco Industrial Ethernet 2000 Series Switches CIP Denial of Service Vulnerability
  • Cisco Prime Service Catalog URL Redirect Attack Vulnerability
  • Cisco Firepower Device Manager Arbitrary Audit Log Entry Vulnerability 
  • Cisco Firepower URL Bypass Vulnerability
  • Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance Command Shell Injection Vulnerability
  • Cisco Firepower Management Center Incomplete Rule Set Vulnerability
  • Cisco Email Security Appliance Malformed MIME Header Filtering Bypass Vulnerability
  • Cisco cBR Series Converged Broadband Routers List Headers Denial of Service Vulnerability
  • Cisco ASR 1000 Series Aggregation Services Routers SNMP High CPU Denial of Service Vulnerability

CVE References:
Critical Impact CVE: CVE-2017-3791

Medium Impact CVE: CVE-2017-3806, CVE-2017-3809, CVE-2017-3810, CVE-2017-3812, CVE-2017-3814, CVE-2017-3818, CVE-2017-3820, CVE-2017-3822, CVE-2017-3824

Suggested Action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc1
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-prime-home
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw2
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw1
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fmc
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-esa1
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-cbr
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-asrsnmp

Date modified: