—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2020-February-19.
The following PSIRT security advisories (1 Critical, 6 High) were published at 16:00 UTC today.
Table of Contents:
1) Cisco Smart Software Manager On-Prem Static Default Credential Vulnerability – SIR: Critical
2) Cisco Unified Contact Center Express Privilege Escalation Vulnerability – SIR: High
3) Cisco Data Center Network Manager Cross-Site Request Forgery Vulnerability – SIR: High
4) Cisco Data Center Network Manager Privilege Escalation Vulnerability – SIR: High
5) Cisco Email Security Appliance and Cisco Content Security Management Appliance Denial of Service Vulnerability – SIR: High
6) Cisco Email Security Appliance Denial of Service Vulnerability – SIR: High
7) Multiple Cisco UCS-Based Products UEFI Secure Boot Bypass Vulnerability – SIR: High
+——————————————————————–
1) Cisco Smart Software Manager On-Prem Static Default Credential Vulnerability
CVE-2020-3158
SIR: Critical
CVSS Score v(3.0): 9.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-on-prem-static-cred-sL8rDs8 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-on-prem-static-cred-sL8rDs8”]
+——————————————————————–
2) Cisco Unified Contact Center Express Privilege Escalation Vulnerability
CVE-2019-1888
SIR: High
CVSS Score v(3.0): 7.2
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-privesc-Zd7bvwyf [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-privesc-Zd7bvwyf”]
+——————————————————————–
3) Cisco Data Center Network Manager Cross-Site Request Forgery Vulnerability
CVE-2020-3114
SIR: High
CVSS Score v(3.0): 8.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-dcnm-csrf [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-dcnm-csrf”]
+——————————————————————–
4) Cisco Data Center Network Manager Privilege Escalation Vulnerability
CVE-2020-3112
SIR: High
CVSS Score v(3.0): 8.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-dcnm-priv-esc [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-dcnm-priv-esc”]
+——————————————————————–
5) Cisco Email Security Appliance and Cisco Content Security Management Appliance Denial of Service Vulnerability
CVE-2019-1983
SIR: High
CVSS Score v(3.0): 7.5
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-esa-sma-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-esa-sma-dos”]
+——————————————————————–
6) Cisco Email Security Appliance Denial of Service Vulnerability
CVE-2019-1947
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-esa-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-esa-dos”]
+——————————————————————–
7) Multiple Cisco UCS-Based Products UEFI Secure Boot Bypass Vulnerability
CVE-2019-1736
SIR: High
CVSS Score v(3.0): 6.2
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-ucs-boot-bypass [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-ucs-boot-bypass”]
—–BEGIN PGP SIGNATURE—–
iQJ5BAEBAgBjBQJeTV2QXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDIwLTIwMjEpIDxwc2ly
dEBjaXNjby5jb20+AAoJELm9eRtXgZjILt8P/jbCFXmhnzAZOvb4S+49JEAPF3PJ
XBsCGxmSa7ACRcUwMDCqzY5MiVdgsJF8Ztx4AQd1wtSBC2KhxHUA01AtYr40LFi9
8F5JGbh1zRUw0LzHl3DIsJRc887uKCMpfEFGLuk2AHM9j6b7Tg0WqDAfbMQ1NmPj
SFUhzlO0+ZZrdYhgo+0j37eMrxkIOOoHGM580aR3O4MlIEf2X3Ua43pLiwXVUB4b
XGh51BI9+NgTJsUhVHBNfRGrbTgG85leFVyEcM3MiMxWjuWDV3AxgNnk+PtzyFHM
pSzQ9RktLPxCuupEknnGmsGx2YNb/nMqJMwcsK4tQSnXl5vGcFny8fe3LgsXG1Ms
0AsJova0/gNOSHNQDAxUQLs7aeIAXC5QvrBI8rHB4JFKCpumne/FgV2980TbIfJk
VpGtYB2qUC6qSkqmDyQetNPhm6SNHSXSeJ10ocDUoE+SA4f1+JQFapIhz23lsxWY
hZDp5ynWkVbR6FNDrponBuc2IB7Vh1Ei6GhI7i2YJ5bJ+HzP6tG5rU4IjcVq0Hf5
efVsfuo2ODyiWZY545rfkQ0j9asorJHpl6eSuZmEk0RYw0hRvbwjj5vHiyrs95zo
j7UO9Ib9lNLvlfNs+iDZ6gpmkd0FDYFSOPRyAXNBKTJNn/wwV6nXMHyvsR3LUOQz
h3uzd6IG5xB1hoih
=mh6S
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com