As your Trusted Technology Advisor, ACS has compiled a list of important Security Alerts from our vendors. In some cases, these security issues can be resolved with a software update. In other instances, a hardware or Operating System upgrade may be required.  Contact us to discuss the best course of action for your organization. 

The alerts are categorized by the severity of their impact. 

ARUBA SECURITY ALERTS

 Published Nov. 2018

• ClearPass Policy Manager Multiple Vulnerabilities

Cisco Security Alerts

CRITICAL IMPACT ALERTS

Published Nov. 2018

• Cisco Stealthwatch Management Console Authentication Bypass Vulnerability

• Cisco Small Business Switches Privileged Access Vulnerability

Published Oct. 2018

• libssh Authentication Bypass Vulnerability Affecting Cisco Products: October 2018

• Cisco Prime Infrastructure Arbitrary File Upload and Command Execution Vulnerability

HIGH IMPACT ALERTS

Published Nov. 2018 

• Linux Kernel IP Fragment Reassembly Denial of Service Vulnerability Affecting Cisco Products: August 2018

• Cisco Meraki Local Status Page Privilege Escalation Vulnerability

• Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability

Published Oct. 2018 

• Cisco NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability

• Cisco NX-OS Software for Nexus 5500, 5600, and 6000 Series Switches Precision Time Protocol Denial of Service Vulnerability

• Cisco FXOS and NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability

• Cisco Wireless LAN Controller Software GUI Privilege Escalation Vulnerability

• Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Information Disclosure Vulnerability

• Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Denial of Service Vulnerability

• Cisco IOS Access Points Software 802.11r Fast Transition Denial of Service Vulnerability

• Cisco HyperFlex Software Static Signing Key Vulnerability

• Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability

• Cisco Firepower System Software Detection Engine Denial of Service Vulnerability

• Cisco Adaptive Security Appliance Direct Memory Access Denial of Service Vulnerability

MEDIUM IMPACT ALERTS

 Published Nov. 2018

• Cisco Immunet and Cisco AMP for Endpoints System Scan Denial of Service Vulnerability

• Cisco Firepower Detection Engine TCP Intrusion Prevention System Rule Bypass Vulnerability

Published Oct. 2018

•  Cisco Wireless LAN Controller Software Directory Traversal Vulnerability

• Cisco Wireless LAN Controller Software Information Disclosure Vulnerability

• Cisco Wireless LAN Controller Software Cross-Site Scripting Vulnerability

• Cisco Wireless LAN Controller Software Privilege Escalation Vulnerability

• Cisco Aironet 1560, 1800, 2800, and 3800 Series Access Points Denial of Service Vulnerability

• Cisco Prime Infrastructure Information Disclosure Vulnerability

• Cisco Integrated Management Controller Supervisor and Cisco UCS Director Authenticated Web Interface Information Disclosure Vulnerability

• Cisco Unified IP Phone 7900 Series Cross-Site Scripting Vulnerability

• Multiple Vulnerabilities in Cisco Identity Services Engine

• Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability

• Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability

• Cisco Adaptive Security Appliance IPsec VPN Denial of Service Vulnerability

Complete the form below to speak with a trusted technology advisor about remediation options for the above security advisories.