Cisco Releases Multiple Security Advisories
Cisco has released six security advisories to address vulnerabilities affecting the following products:
- Cius Wifi devices running Cius Software Version 9.2(1) SR1 and prior
- Cisco Unified Communications Manager Software versions 6.x, 7.x, and 8.x
- Cisco Business Edition 3000, 5000, and 6000
- Cisco Unity Connection 7.1 and prior
- Cisco 2000, 2100, 2500, 4100, 4400, and 5500 Series Wireless LAN Controllers (WLCs)
- Cisco 500 Series Wireless Express Mobility Controllers
- Cisco Wireless Services Modules (WiSM) and (WiSM version 2)
- Cisco NME-AIR-WLC and NM-AIR-WLC Modules for Integrated Services Routers (ISRs)
- Cisco Catalyst 3750G Integrated WLC
- Cisco Flex 7500 Series Cloud Controllers
- Control, Expressway, and Starter Pack Express variants of Cisco TelePresence Video Communication Server
- Cisco SRP 521W, 526W, and 527W
- Cisco SRP 521W-U, 526W-U, and 527W-U
- Cisco SRP 541W, 546W, and 547W
These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, operate with escalated privileges and bypass security restrictions.
US-CERT encourages users and administrators to review Cisco security advisories cisco-sa-20120229-cius, cisco-sa-201202290-cucm, cisco-sa-201202290-cuc, cisco-sa-201202290-wlc, cisco-sa-201202290-vcs, and cisco-sa-201202290-srp500 and apply any necessary updates to help mitigate the risk.
This product is provided subject to this Notification and this Privacy & Use policy.