—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2019-August-28.

The following PSIRT security advisories (1 Critical, 5 High) were published at 16:00 UTC today.

Table of Contents:

1) Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability – SIR: Critical

2) Cisco NX-OS Software Remote Management Memory Leak Denial of Service Vulnerability – SIR: High

3) Cisco Unified Computing System Fabric Interconnect root Privilege Escalation Vulnerability – SIR: High

4) Cisco NX-OS Software IPv6 Denial of Service Vulnerability – SIR: High

5) Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability – SIR: High

6) Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability – SIR: High

+——————————————————————–

1) Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability

CVE-2019-12643

SIR: Critical

CVSS Score v(3.0): 10.0

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-iosxe-rest-auth-bypass [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-iosxe-rest-auth-bypass”]

+——————————————————————–

2) Cisco NX-OS Software Remote Management Memory Leak Denial of Service Vulnerability

CVE-2019-1965

SIR: High

CVSS Score v(3.0): 7.7

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-memleak-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-memleak-dos”]

+——————————————————————–

3) Cisco Unified Computing System Fabric Interconnect root Privilege Escalation Vulnerability

CVE-2019-1966

SIR: High

CVSS Score v(3.0): 7.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-ucs-privescalation [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-ucs-privescalation”]

+——————————————————————–

4) Cisco NX-OS Software IPv6 Denial of Service Vulnerability

CVE-2019-1964

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ipv6-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ipv6-dos”]

+——————————————————————–

5) Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability

CVE-2019-1963

SIR: High

CVSS Score v(3.0): 7.7

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos”]

+——————————————————————–

6) Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability

CVE-2019-1962

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos”]

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJdZqZbXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczUE8P/Aq5RzwJOBSLJapQffOwff0uWQhe
8ET06ZiVYVLer14jpucXZajK8uPNoK6PTeGiNGxVPopI5L3CDuX8Mr3PBcYe8V/T
bN+QjG/YN27O2KKxVk1K62bIpfE8fDeQ/laXE+/rzTpiklm8wAVXsU9t/6zv9VZ/
xLnG8Y/6m9MGxctiXrCAbtI4STpCnU9wZSKGibF6TRpIsmu4M1MNxAoddXG74BER
TafRIYyAy5MoVdTZYzdQXq05q1a4+B81GONAnbsSRL89f0q7B+CPysFyxkgjvUY7
1Nx0EbITnHJjDfDu6W2MKldnKzVwWsQhijJH8tNhFWfemF5W3hbH39vsl+U7KDjB
Mo7PYufR8Ush/7xUG5EnOwx4NoSCyuxt53gjj37+cUW7Um1auNWVcMayjZZMb6Xo
d23WEEXAfdvqhj1G8YCQnMqPelTuOmhdGw9zUQdgvvxaiLlTfRt8ue1PPxaZHaAo
lUkwQJYTJcnfD7vD6S8QGcvf/lX9IoOiy7KYxHNXncBa6f+rBtl1Ejz6F/kTNQVg
sff6OKyOCn0kruDCG3iR3ZP5RDpFHr9+MfQof80Lz9Up2L6xPAgHjyt6ezQgLAjw
BbS7POuGXmcMJC+zcleoCbQUEEhBiM7Id5EOwmwImH13CZ2hjnwa7ZMM/08Raqbj
prMfkS8FeO5vR8sm
=zNHa
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com