Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
NCCIC/US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
- Unified Communications Domain Manager Remote Code Execution Vulnerability cisco-sa-20180221-ucdm
- Elastic Services Controller Service Portal Authentication Bypass Vulnerability cisco-sa-20180221-esc
- Elastic Services Controller Service Portal Unauthorized Access Vulnerability cisco-sa-20180221-esc1
- Unified Customer Voice Portal Interactive Voice Response Connection Denial of Service Vulnerability cisco-sa-20180221-cvp