Cisco Releases Multiple Security Advisories

Cisco has released six security advisories to address vulnerabilities affecting the following products:

  • Cius Wifi devices running Cius Software Version 9.2(1) SR1 and prior
  • Cisco Unified Communications Manager Software versions 6.x, 7.x, and 8.x
  • Cisco Business Edition 3000, 5000, and 6000
  • Cisco Unity Connection 7.1 and prior
  • Cisco 2000, 2100, 2500, 4100, 4400, and 5500 Series Wireless LAN Controllers (WLCs)
  • Cisco 500 Series Wireless Express Mobility Controllers
  • Cisco Wireless Services Modules (WiSM) and (WiSM version 2)
  • Cisco NME-AIR-WLC and NM-AIR-WLC Modules for Integrated Services Routers (ISRs)
  • Cisco Catalyst 3750G Integrated WLC
  • Cisco Flex 7500 Series Cloud Controllers
  • Control, Expressway, and Starter Pack Express variants of Cisco TelePresence Video Communication Server
  • Cisco SRP 521W, 526W, and 527W
  • Cisco SRP 521W-U, 526W-U, and 527W-U
  • Cisco SRP 541W, 546W, and 547W

These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, operate with escalated privileges and bypass security restrictions.

US-CERT encourages users and administrators to review Cisco security advisories cisco-sa-20120229-cius, cisco-sa-201202290-cucm, cisco-sa-201202290-cuc, cisco-sa-201202290-wlc, cisco-sa-201202290-vcs, and cisco-sa-201202290-srp500 and apply any necessary updates to help mitigate the risk.

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No