—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2020-November-17.
The following PSIRT security advisories (1 Critical, 2 High) were published at 23:00 UTC today.
Table of Contents:
1) Cisco Security Manager Path Traversal Vulnerability – SIR: Critical
2) Cisco Security Manager Java Deserialization Vulnerabilities – SIR: High
3) Cisco Security Manager Static Credential Vulnerability – SIR: High
+——————————————————————–
1) Cisco Security Manager Path Traversal Vulnerability
CVE-2020-27130
SIR: Critical
CVSS Score v(3.1): 9.1
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csm-path-trav-NgeRnqgR [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csm-path-trav-NgeRnqgR”]
+——————————————————————–
2) Cisco Security Manager Java Deserialization Vulnerabilities
CVE-2020-27131
SIR: High
CVSS Score v(3.1): 8.1
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csm-java-rce-mWJEedcD [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csm-java-rce-mWJEedcD”]
+——————————————————————–
3) Cisco Security Manager Static Credential Vulnerability
CVE-2020-27125
SIR: High
CVSS Score v(3.1): 7.4
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csm-rce-8gjUz9fW [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csm-rce-8gjUz9fW”]
—–BEGIN PGP SIGNATURE—–
iQKDBAEBAgBtBQJfsytrZhxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDIwLTIwMjEgW3JlZnJl
c2hdKSA8cHNpcnRAY2lzY28uY29tPgAKCRCbFvaOC+BFesH+D/4sNrvHgSp1Nq5H
OKT/SBm1GXZhBuCp9LGbS6iJV5qN+k3VeuTGG+XK/SSeKk883JGDyWmWfPCxfgiA
qj+u4+EdAVAHG6oF2vN9DZ0vIdLrgEr5sg+bt+LvYDvHQSDssUAcZGMsBVVprgWp
TX007/7f04gyJzMFm6w0NDE7ddzrULJTr/YZRm4Gh1FggW4iXWJxDl1EcA+iXhGd
L8QYT6Ro0NT1/QFNKsHeVvFZHdBSuDKkybyD1C9RBBlrvbvP4+Z0vAr2uwWJa3Az
xOLGu7s2rSC/Gxe30kACRoOjbJ0/IOcC2Z/GYMkpfAvT4wkAshcpvnj/BAlbxkDF
UYtyzz1PDQ/ARiTEVeqG+wcrMoyEYCfQ08/GVxVwFF7PDSLTbvd6yDi7kBZXEoC8
k0kFkJv6uh6MAUdL+YuJFeysscdEGh+2uvu/Xsjde6Zkb9T+we66SPJBxoBCK94v
lOBtXnRfm6PmEb37+OhJgiCctlZUQ0V3rtEgW6udPo2M+BYLDYy9j4n3vk1z7QMH
funnzP2sqIrXZtuw/qDQMsnNsD3B2TCWCBwUty383FBOosBUNAKMRu/J1smOKWhZ
krP7yr7YctJCTqMjJTDx2uTyLsmppVq4NNxx8CEqSWyKSK8MLgcvK6oao4XCOF0h
yGeBNqydSXYp9TZQyJgHousfILit4g==
=6Sit
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com