Once again it’s time for Cisco’s semi-annual Cisco IOS Software Security Advisory Bundled Publication. Today’s edition of the bundle contains a total of nine IOS-related advisories and one non-IOS advisory for the Cisco Unified Communications Manager (CUCM) family of products. Included in the 10 Security Advisories are a total of 19 Cisco Bug IDs, each one representing an individual vulnerability.
The Cisco IOS Software Security Advisories are summarized as follows:

| Advisory Title | Workaround Available? | AMB Available?* |
|---|---|---|
| Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities | Yes | Yes |
| Cisco IOS Software IPv6 Denial of Service Vulnerability | No | No |
| Cisco IOS Software Data-Link Switching Vulnerability | Yes | Yes |
| Cisco IOS Software Network Address Translation Vulnerabilities | Yes | No |
| Cisco IOS Software IPv6 over MPLS Vulnerabilities | Yes | No |
| Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities | No | No |
| Cisco IOS IP Service Level Agreement Vulnerability | Yes | Yes |
| Cisco 10000 Series Denial of Service Vulnerability | Yes | No |
| Cisco IOS Software Smart Install Remote Code Execution Vulnerability | Yes | Yes |
| Cisco Unified Communications Manager Session Initiation Protocol Memory Leak Vulnerability | Yes | Yes |

*Applied Mitigation Bulletins (AMBs) describe techniques that use inherent Cisco product abilities to detect and mitigate potential exploitation of these vulnerabilities. Visit the Applied Mitigation Bulletin archive on the Cisco SIO portal for a listing of all previously published AMBs.
If you are impacted by any of the vulnerabilities covered in these advisories where workarounds and/or AMBs are not available, it is highly recommended that you upgrade to a fixed version of software as soon as possible.
In order to determine if you are running an affected version of Cisco IOS Software, please visit the Cisco IOS Software Checker. This web-based application enables customers to more efficiently determine whether a given Cisco IOS Software image is exposed to product vulnerabilities that have been disclosed by the Cisco PSIRT.
Individual Security Advisory links, corresponding links to IntelliShield alerts and Applied Mitigation Bulletins, and the respective CVE IDs and CVSS Base Scores are available on the Cisco Event Response page.
It is our hope that the impact of these advisories is minimal; however, for those affected, it is also our hope that you find this Cisco IOS Software Bundle process to be efficient, time effective, and informative. Stay secure, my friends.