—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2019-October-16.
The following PSIRT security advisories (1 Critical, 5 High) were published at 16:00 UTC today.
Table of Contents:
1) Cisco Aironet Access Points Unauthorized Access Vulnerability – SIR: Critical
2) Cisco Aironet Access Points Point-to-Point Tunneling Protocol Denial of Service Vulnerability – SIR: High
3) Cisco Wireless LAN Controller Secure Shell Denial of Service Vulnerability – SIR: High
4) Cisco Aironet Access Points and Catalyst 9100 Access Points CAPWAP Denial of Service Vulnerability – SIR: High
5) Cisco Small Business Smart and Managed Switches Cross-Site Request Forgery Vulnerability – SIR: High
6) Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities – SIR: High
+——————————————————————–
1) Cisco Aironet Access Points Unauthorized Access Vulnerability
CVE-2019-15260
SIR: Critical
CVSS Score v(3.0): 9.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-unauth-access [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-unauth-access”]
+——————————————————————–
2) Cisco Aironet Access Points Point-to-Point Tunneling Protocol Denial of Service Vulnerability
CVE-2019-15261
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-pptp-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-pptp-dos”]
+——————————————————————–
3) Cisco Wireless LAN Controller Secure Shell Denial of Service Vulnerability
CVE-2019-15262
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-wlc-ssh-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-wlc-ssh-dos”]
+——————————————————————–
4) Cisco Aironet Access Points and Catalyst 9100 Access Points CAPWAP Denial of Service Vulnerability
CVE-2019-15264
SIR: High
CVSS Score v(3.0): 7.4
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-capwap-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-capwap-dos”]
+——————————————————————–
5) Cisco Small Business Smart and Managed Switches Cross-Site Request Forgery Vulnerability
CVE-2019-12636
SIR: High
CVSS Score v(3.0): 8.1
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-sbss-csrf [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-sbss-csrf”]
+——————————————————————–
6) Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities
CVE-2019-15240, CVE-2019-15241, CVE-2019-15242, CVE-2019-15243, CVE-2019-15244, CVE-2019-15245, CVE-2019-15246, CVE-2019-15247, CVE-2019-15248, CVE-2019-15249, CVE-2019-15250, CVE-2019-15251, CVE-2019-15252
SIR: High
CVSS Score v(3.0): 8.0
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-spa-rce [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-spa-rce”]
—–BEGIN PGP SIGNATURE—–
iQJ5BAEBAgBjBQJdpz/XXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczj/8P/3fhL0r1+AdgSI3JZfb7TDVkJfi6
LlZrcyulxqc33WCmYwDo8hQLC/N16GynNELsMBTlUsV6Hmk0FdZDwjrRzeebEZfW
JfBEAcJ3O+rwX4zt3NRBvTuoE0UrwMUEb3q57kHoiK/5pQ92hfRoaBvDueVZh5Rc
7LFKdiNY3K/q2JehhXvewYNrYTrO+7rTGQ8I4e3Ix0n9wShI9qAMfqE1Cxlvd4kp
NNlgUIHyamdVbhPkAFhpWO99uT1COrvC/9G7FUv3MH3AqaCRzIfK85igx01zuNyZ
x7TFjs2lT4aE8KR5ohx4oTSIM4Gu7qaa+vUzWjho4JPlq9CbSVXD4OKEC7L3cxgp
LUY5TfkE6bIZak/C64DJgGovxcHhlmlDMbfw3wTltm9OSmb0o3a5Q/6NbisDcQhL
34j6c5fSGFo0mJBZ1WmD0xezgveTVx3LIHQin1pm7s5yfzBieI9hM+EmAkv9TqXd
frnDcqtmiTcMkqjTQ95HySz1iD242lVV22yGuLhq9EjxPHFt7rtqCq7M74oq4OmR
lgttGzG8WqT0Zv72vIy665QKwIyS6Y9umu1CUDSjn7AG8IG0XZCpk1kAp547cdEz
x5gJkjG1bNX4WUep+wjrDvph1YCvbotThPC7E90XGBagz09nciJo4U7Fnvpls95B
dqRhFEuHf//vAw1G
=tQin
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com