Сisсо Сhаnnеl @cisco Channel on Telegram

Сisсо Сhаnnеl

@cisco

Cisco News and Vulnerabilities
This channel is not official

Boost the channel!!
https://t.me/Cisco?boost

More:

@PopPolls
@QubesOS 💻
@CiscoChat
@Net3A

t.me/Cisco/22556

Сisсо Сhаnnеl (English)

Welcome to the Сisсо Сhаnnеl, your go-to source for all things Cisco-related! This Telegram channel is dedicated to providing you with the latest news and updates on Cisco technologies, as well as vulnerabilities that you need to be aware of. Please note that this channel is not an official Cisco channel, but it is run by passionate individuals who are dedicated to sharing valuable information with the Cisco community.

Whether you're a networking enthusiast, a cybersecurity professional, or simply someone who is interested in tech news, the Сisсо Сhаnnеl has something for you. Stay informed about the latest trends in networking, cybersecurity threats, and new Cisco products and services.

To enhance your experience on the channel, be sure to check out our recommended links for more great content:

- @PopPolls
- @QubesOS 💻
- @CiscoChat
- @Net3A

Join us on the Сisсо Сhаnnеl today to stay up-to-date with all things Cisco. Don't miss out on the opportunity to boost your knowledge and connect with like-minded individuals in the tech community. Click on the link below to join the channel now!

https://t.me/Cisco?boost

Сisсо Сhаnnеl

17 Jan, 20:46

Cisco’s ‘Collaboratory’ transforms a Manhattan space into a dazzling display of cutting-edge retail experiences. A secure, seamless network enables it all.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
928
Сisсо Сhаnnеl

17 Jan, 20:46

The future of retail: powered by Cisco
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m01/the-future-of-retail-powered-by-cisco.html?source=rss
922
Сisсо Сhаnnеl

15 Jan, 14:22

Cisco Unveils AI Defense to Secure the AI Transformation of Enterprises
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m01/cisco-unveils-ai-defense-to-secure-the-ai-transformation-of-enterprises.html?source=rss
1,115
Сisсо Сhаnnеl

15 Jan, 14:22

Cisco AI Defense is purpose-built for enterprises to develop, deploy and secure AI applications with confidence.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
1,312
Сisсо Сhаnnеl

15 Jan, 14:21

Protecting AI so AI can improve the world, safely
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m01/protecting-ai-so-ai-can-improve-the-world-safely.html?source=rss
969
Сisсо Сhаnnеl

15 Jan, 14:21

The world is in the middle of an unprecedented era of artificial intelligence innovation.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
1,134
Сisсо Сhаnnеl

09 Jan, 13:46

In a world full of disruption, resilience has never been more important.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
2,022
Сisсо Сhаnnеl

09 Jan, 13:46

Powering resilient communities through technology
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m01/powering-resilient-communities-through-technology.html?source=rss
1,733
Сisсо Сhаnnеl

09 Jan, 09:54

10 𝗕𝗲𝘀𝘁 𝗙𝗥𝗘𝗘 𝗢𝗻𝗹𝗶𝗻𝗲 IT 𝗖𝗼𝘂𝗿𝘀𝗲𝘀 𝘁𝗼 𝗗𝗼 𝗜𝗻 𝟮𝟬𝟮𝟱😍

 Kickstart 2025 with these 10 + free courses that can elevate your skills and open doors to new opportunities! #Cisco, #AWS, #PMP, #Python, #Excel, #Google, #Microsoft

The best part? They’re absolutely free! Invest in yourself and make 2025 your most productive year yet.

𝗟𝗶𝗻𝗸 👇:- https://bit.ly/3PqKVXB
 
Enroll For FREE & Get Certified 🎓

*📚Download 100% real Cisco Exam Dump& study guide: https://bit.ly/3DR0chS

↙️Join 2024 Cisco study Group:
https://chat.whatsapp.com/BX4ZpXvwvSW4Gv10lN9vux
1,609
Сisсо Сhаnnеl

08 Jan, 20:50

Cisco ThousandEyes Agent Certificate Validation Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-thousandeyes-cert-pqtJUv9N?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20ThousandEyes%20Agent%20Certificate%20Validation%20Vulnerability%26vs_k=1

A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information.
This vulnerability exists because the affected software does not properly validate certificates for hosted metrics services. An on-path attacker could exploit this vulnerability by intercepting network traffic using a crafted certificate. A successful exploit could allow the attacker to masquerade as a trusted host and monitor or change communications between the remote metrics service and the vulnerable client.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-thousandeyes-cert-pqtJUv9N

Security Impact Rating: Medium


CVE: CVE-2025-20126
1,442
Сisсо Сhаnnеl

08 Jan, 20:49

Cisco Common Services Platform Collector Cross-Site Scripting Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-xss-CDOJZyH?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Common%20Services%20Platform%20Collector%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.
These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have at least a low-privileged account on an affected device.
There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-xss-CDOJZyH

Security Impact Rating: Medium


CVE: CVE-2025-20166,CVE-2025-20167,CVE-2025-20168
1,195
Сisсо Сhаnnеl

08 Jan, 20:48

Cisco Crosswork Network Controller Stored Cross-Site Scripting Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xwork-xss-KCcg7WwU?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Crosswork%20Network%20Controller%20Stored%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1

Multiple vulnerabilities in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users of the interface of an affected system.
These vulnerabilities exist because the web-based management interface does not properly validate user-supplied input. An attacker could exploit these vulnerabilities by inserting malicious data into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid administrative credentials.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xwork-xss-KCcg7WwU


Security Impact Rating: Medium


CVE: CVE-2025-20123
1,121
Сisсо Сhаnnеl

08 Jan, 19:08

Innovation — and independence — for people with diverse abilities
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m01/innovation-and-independence-for-people-with-diverse-abilities.html?source=rss
1,151
Сisсо Сhаnnеl

08 Jan, 19:08

A Cisco-sponsored project explores how technology can better support seniors, people with developmental disabilities, and other challenged communities.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
1,112
Сisсо Сhаnnеl

05 Jan, 04:04

🤙Cisco community channel and group:
@Cisco
@CiscoChat

💥Other Cisco related Channels and groups:
@ciscoAcademy
@spotociscoclub

Qubes OS Community Channel and group:
@QubesOS
@QubesChat

Off topic chats:
@PublicChatrooms

Games:
@hamstEr_kombat_bot
@CatizenBot
@boinker_bot - addicting


Other Channels:
@telemojis
@TheTGTimes
@TVids - True Videos

▪️▫️▪️▫️▪️▫️▪️▫️▪️▫️▪️
Join @Net3A for more channels and groups.
1,471
Сisсо Сhаnnеl

01 Jan, 20:28

🐵 Humans are hardwired to copy others by evolution — for a good reason. Mimicking those around us has been the most efficient survival strategy for millions of years. However, the world is different today. We now live in an age of rapid change — what used to be efficient becomes a recipe for mediocrity and decay ☠️

🥂 Let 2025 be the year we rely on our own opinions — not imposed stereotypes and outdated thought patterns. Only by trusting our instincts and following our own unique paths can we fulfil our potential and make great contributions to the world 🎨

🎆 Have a happy and productive 2025, everyone! 🚩
1,967
Сisсо Сhаnnеl

30 Dec, 01:48

🤙Cisco community channel and group:
@Cisco
@CiscoChat

💥Other Cisco related Channels and groups:
@ciscoAcademy
@spotociscoclub

Qubes OS Community Channel and group:
@QubesOS
@QubesChat

Off topic chats:
@PublicChatrooms

Games:
@hamstEr_kombat_bot
@CatizenBot

Other Channels:
@telemojis
@TheTGTimes
@TVids - True Videos

▪️▫️▪️▫️▪️▫️▪️▫️▪️▫️▪️
Join @Net3A for more channels and groups.
668
Сisсо Сhаnnеl

23 Dec, 00:33

🔥 Today we surpassed 16,000 Subscribers! Awesome!

Can we make it to 17,000 in 2 months? If we do, there'll be a Telegram stars giveaway!

Note: this is a community ran channel. Not official!

🧠 If you're looking for help check out our group chat!
> @CiscoChat
2,992
Сisсо Сhаnnеl

23 Dec, 00:33

Сisсо Сhаnnеl pinned «🔥 Today we surpassed 16,000 Subscribers! Awesome! Can we make it to 17,000 in 2 months? If we do, there'll be a Telegram stars giveaway! Note: this is a community ran channel. Not official! 🧠 If you're looking for help check out our group chat! > @CiscoChat»
0
Сisсо Сhаnnеl

20 Dec, 17:49

In Northern Ontario, an empathetic approach to public safety gets a boost from Cisco.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
3,236
Сisсо Сhаnnеl

20 Dec, 17:49

Where Indigenous wisdom meets innovative technologies
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m12/where-indigenous-wisdom-meets-innovative-technologies.html?source=rss
2,742
Сisсо Сhаnnеl

19 Dec, 18:06

Six environmental sustainability trends for 2025 and beyond
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m12/six-environmental-sustainability-trends-for-2025-and-beyond.html?source=rss
2,225
Сisсо Сhаnnеl

19 Dec, 18:06

As we approach 2025, climate change and resource scarcity require businesses, governments, and communities to act with intention and scale.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
2,893
Сisсо Сhаnnеl

18 Dec, 13:02

40 years of impact: Cisco’s FY24 Purpose Report
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m12/40-years-of-impact-cisco-fy24-purpose-report.html?source=rss
1,869
Сisсо Сhаnnеl

18 Dec, 13:02

Cisco celebrates 40 years of delivering ground-breaking innovation, supporting communities, and connecting businesses and people to global opportunities.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
2,206
Сisсо Сhаnnеl

18 Dec, 13:01

With the launch of the annual Purpose Report, Cisco is celebrating 40 years of impact. Learn how Cisco's technology connects and positively impacts the world.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
1,874
Сisсо Сhаnnеl

18 Dec, 13:01

The technology at the heart of connection
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m12/celebrating-40-years-of-impact.html?source=rss
1,696
Сisсо Сhаnnеl

18 Dec, 13:00

Cisco news in 60 seconds: Four decades of Cisco's impact
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m12/cisco-news-in-60-seconds-four-decades-of-cisco.html?source=rss
1,362
Сisсо Сhаnnеl

18 Dec, 13:00

Cisco released its annual Purpose Report, and is celebrating its 40th anniversary. Learn how Cisco continues to power an inclusive future for all, and what the future holds.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
1,671
Сisсо Сhаnnеl

17 Dec, 00:22

As 2025 edges closer, business leaders must be able to differentiate between fleeting hype and the technologies that will drive lasting change.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
1,639
Сisсо Сhаnnеl

17 Dec, 00:22

20/25 Vision: a clear look at the technology trends that will define 2025
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m12/20-25-vision-a-clear-look-at-the-technology-trends-that-will-define-2025.html?source=rss
1,141
Сisсо Сhаnnеl

03 Dec, 01:08

Cisco Adaptive Security Appliance WebVPN Login Page Cross-Site Scripting Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-CVE-2014-2120?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Adaptive%20Security%20Appliance%20WebVPN%20Login%20Page%20Cross-Site%20Scripting%20Vulnerability%26vs_k=1

A vulnerability in the WebVPN login page of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of WebVPN on the Cisco ASA.The vulnerability is due to insufficient input validation of a parameter. An attacker could exploit this vulnerability by convincing a user to access a malicious link.


Security Impact Rating: Medium


CVE: CVE-2014-2120
536
Сisсо Сhаnnеl

02 Dec, 13:07

Rodney Clark, SVP, Partnerships and Small & Medium Businesses, discusses how Cisco's ecosystem approach fosters mutual growth for both Cisco and its partners.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
643
Сisсо Сhаnnеl

02 Dec, 13:07

Talking the growing and evolving Cisco Partner ecosystem with Rodney Clark
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m12/talking-the-growing-and-evolving-cisco-partner-ecosystem-with-rodney-clark.html?source=rss
571
Сisсо Сhаnnеl

28 Nov, 19:18

📢❗️🚨Ready to become successful in the IT field before 2025? Just join SPOTO now🚀
Pass Your #Cisco #CCNA #CCNP #CCIE Exam with #SPOTO Service in 1ST Attempt!

🆓🚚Try Our Free Cisco study materials:
🔎🔗https://bit.ly/3VOFVAl

Networking eBooks
Command Notes
Cisco official guides
Practice Tests
1,270
Сisсо Сhаnnеl

26 Nov, 23:54

Cisco will host its 2024 Annual Meeting of Stockholders on Monday, December 9, 2024, beginning at 8:00 a.m. PST via audio webcast.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
1,493
Сisсо Сhаnnеl

26 Nov, 23:54

Cisco to Host 2024 Virtual Annual Meeting of Stockholders
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-to-host-2024-virtual-annual-meeting-of-stockholders.html?source=rss
1,249
Сisсо Сhаnnеl

26 Nov, 10:11

We all had it

@TVids
1,365
Сisсо Сhаnnеl

25 Nov, 21:54

Not ready for AI? Time to lay the groundwork
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/not-ready-for-ai-time-to-lay-the-groundwork.html?source=rss
1,156
Сisсо Сhаnnеl

25 Nov, 21:54

Our 2024 Cisco AI Readiness Index found only 13% of organizations ready to harness AI's potential. Here’s how organizations can better prepare themselves.  
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
1,240
Сisсо Сhаnnеl

25 Nov, 17:17

Cisco and NTT DATA Partner to Empower Global Mobile Workforce with Simplified Access to 5G Connectivity
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
1,203
Сisсо Сhаnnеl

25 Nov, 17:17

Cisco and NTT DATA Partner to Empower Global Mobile Workforce with Simplified Access to 5G Connectivity
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-and-ntt-data-partner-to-empower-global-mobile-workforce-with-simplified-access-to-5g-connectivity.html?source=rss
970
Сisсо Сhаnnеl

25 Nov, 17:16

Cisco today announced that it will host and/or participate in the following events with the financial community in December
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
954
Сisсо Сhаnnеl

25 Nov, 17:16

Cisco Announces December 2024 Events with the Financial Community
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-announces-december-2024-events-with-the-financial-community.html?source=rss
826
Сisсо Сhаnnеl

25 Nov, 17:15

Nkonye Gbadegoye: My Journey into the World of AI
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/nkonye-gbadegoye-my-journey-into-the-world-of-ai.html?source=rss
438
Сisсо Сhаnnеl

25 Nov, 17:15

Thanks to the ReDI School and a Cisco internship, Nkonye gained hands-on experience creating AI-driven marketing solutions.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
838
Сisсо Сhаnnеl

25 Nov, 17:14

Manhattan’s iconic events center aims for Net Zero
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/manhattan-iconic-events-center-aims-for-net-zero.html?source=rss
474
Сisсо Сhаnnеl

25 Nov, 17:14

The Javits Center demands the best technology — for great convention experiences, for the local economy, and for the planet. Cisco helps make it happen.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
472
Сisсо Сhаnnеl

23 Nov, 18:26

True Videos is back!

Join today for Politics, News, Memes, War videos and more!

Join here > @TVids
595
Сisсо Сhаnnеl

19 Nov, 19:30

The second edition of Cisco's AI Readiness Index, a double-blind survey of almost 8000 leaders who work with AI, measures the readiness of global companies to adapt, deploy and fully leverage the power of AI.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
363
Сisсо Сhаnnеl

19 Nov, 19:30

Cisco 2024 AI Readiness Index
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-2024-ai-readiness-index.html?source=rss
350
Сisсо Сhаnnеl

19 Nov, 19:29

Cisco's 2024 AI Readiness Index: Urgency Rises, Readiness Falls
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-2024-ai-readiness-index-urgency-rises-readiness-falls.html?source=rss
316
Сisсо Сhаnnеl

19 Nov, 19:29

The report explores how prepared organizations are to invest in, deploy and use AI.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
347
Сisсо Сhаnnеl

18 Nov, 18:41

True Videos is back!

Join today for Politics, News, Memes, War videos and more!

Join here > @TVids
435
Сisсо Сhаnnеl

18 Nov, 17:47

Global gaming and entertainment company MGM Resorts International signs a Whole Portfolio Agreement with Cisco to deliver next-generation guest experiences.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
561
Сisсо Сhаnnеl

18 Nov, 17:47

Cisco and MGM Resorts International Sign Multi-Year Agreement
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-and-mgm-resorts-international-sign-multi-year-agreement.html?source=rss
523
Сisсо Сhаnnеl

17 Nov, 07:09

🤙Cisco community channel and group:
@Cisco
@CiscoChat

💥Other Cisco related Channels and groups:
@ciscoAcademy
@spotociscoclub

Qubes OS Community Channel and group:
@QubesOS
@QubesChat

Off topic chats:
@PublicChatrooms

Games:
@hamstEr_kombat_bot
@CatizenBot

Other Channels:
@telemojis
@TheTGTimes
@TVids - True Videos

▪️▫️▪️▫️▪️▫️▪️▫️▪️▫️▪️
Join @Net3A for more channels and groups.
855
Сisсо Сhаnnеl

15 Nov, 23:40

Cisco to Participate in RBC Conference
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-to-participate-in-rbc-conference.html?source=rss
990
Сisсо Сhаnnеl

15 Nov, 23:40

Cisco today announced that it will participate in the following event with the financial community
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
991
Сisсо Сhаnnеl

15 Nov, 11:38

With Wi-Fi 7, the wireless revolution is poised for yet another leap forward. Here’s a look back — and forward — at some key milestones in its history.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
1,198
Сisсо Сhаnnеl

15 Nov, 11:38

The innovative past and brilliant future of Wi-Fi
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/the-innovative-past-and-brilliant-future-of-wi-fi.html?source=rss
984
Сisсо Сhаnnеl

14 Nov, 08:39

‘Going Beyond’, Cisco’s networking, security, observability, and collaboration solutions future-proof businesses against today’s challenges — and tomorrow’s.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
1,267
Сisсо Сhаnnеl

14 Nov, 08:39

Cisco Live Melbourne: network innovations for an AI world
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-live-melbourne-network-innovations-for-an-ai-world.html?source=rss
976
Сisсо Сhаnnеl

14 Nov, 00:07

Cisco reported first quarter revenue of $13.8 billion, net income on a generally accepted accounting principles (GAAP) basis of $2.7 billion or $0.68 per share, and non-GAAP net income of $3.7 billion or $0.91 per share.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
58
Сisсо Сhаnnеl

14 Nov, 00:07

Cisco Reports First Quarter Earnings
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-reports-first-quarter-earnings.html?source=rss
59
Сisсо Сhаnnеl

13 Nov, 02:31

Cisco and LTIMindtree Expand Partnership to Deliver Next-Generation Secure Access Globally
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
442
Сisсо Сhаnnеl

13 Nov, 02:31

Cisco and LTIMindtree Expand Partnership to Deliver Next-Generation Secure Access Globally
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-and-ltimindtree-expand-partnership-to-deliver-next-generation-secure-access-globally.html?source=rss
425
Сisсо Сhаnnеl

13 Nov, 02:30

Cisco's EVP and Chief Product Officer, Jeetu Patel, discusses the future of Wi-Fi 7 and how It's not just about faster speeds—it's about smarter, more secure, and adaptable networks.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
397
Сisсо Сhаnnеl

13 Nov, 02:30

The future of work is here with Wi-Fi 7
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/the-future-of-work-is-here-with-wi-fi-7.html?source=rss
338
Сisсо Сhаnnеl

12 Nov, 14:49

Introducing zero-friction wireless for smarter workplaces
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/introducing-zero-friction-wireless-for-smarter-workplaces.html?source=rss
431
Сisсо Сhаnnеl

12 Nov, 14:49

As AI reshapes technology and redefines what’s possible, organizations need a network that doesn’t just keep up—but leads.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
478
Сisсо Сhаnnеl

12 Nov, 14:48

Cisco Introduces Intelligent, Secure and Assured Wi-Fi 7 to Transform Employee and Customer Experiences
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-introduces-intelligent-secure-and-assured-wi-fi-7.html?source=rss
427
Сisсо Сhаnnеl

12 Nov, 14:48

Introducing new intelligent, secure & assured wireless innovations, with Wi-Fi 7 access points & unified licensing that can enable smart spaces out-of-the-box.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
439
Сisсо Сhаnnеl

11 Nov, 03:39

Logicalis becomes the first global partner to launch Cisco XDR as a managed service 
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/logicalis-becomes-the-first-global-partner-to-launch-cisco-xdr-as-a-managed-service.html?source=rss
750
Сisсо Сhаnnеl

11 Nov, 03:39

Logicalis is first global partner to launch Cisco XDR as a Managed Service, offering advanced cyberattack visibility, AI automation, and threat intelligence.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
825
Сisсо Сhаnnеl

10 Nov, 03:01

Listen up!
921
Сisсо Сhаnnеl

07 Nov, 09:28

Cisco and the OECD: Building the World's First Full Picture of Digital Well-being
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-oecd-digital-well-being.html?source=rss
861
Сisсо Сhаnnеl

07 Nov, 09:28

Cisco and the OECD launch the Digital Well-being Hub to holistically study technology's impact on well-being and shape inclusive digital policies.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
928
Сisсо Сhаnnеl

07 Nov, 07:31

Pass it on!
845
Сisсо Сhаnnеl

06 Nov, 20:17

DONALD TRUMP IS THE 47TH PRESIDENT OF THE UNITED STATES!!!!!
538
Сisсо Сhаnnеl

06 Nov, 16:12

Cisco Unified Communications Manager IM & Presence Service Information Disclosure Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imp-inf-disc-cUPKuA5n?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unified%20Communications%20Manager%20IM%20&%20Presence%20Service%20Information%20Disclosure%20Vulnerability%26vs_k=1

A vulnerability in the logging component of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system.
This vulnerability is due to the storage of unencrypted credentials in certain logs. An attacker could exploit this vulnerability by accessing the logs on an affected system and obtaining credentials that they may not normally have access to. A successful exploit could allow the attacker to access sensitive information from the device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imp-inf-disc-cUPKuA5n

Security Impact Rating: Medium


CVE: CVE-2024-20457
927
Сisсо Сhаnnеl

06 Nov, 16:11

Cisco 7800, 8800, and 9800 Series Phones Information Disclosure Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-infodisc-sbyqQVbG?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%207800,%208800,%20and%209800%20Series%20Phones%20Information%20Disclosure%20Vulnerability%26vs_k=1

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device.
This vulnerability is due to improper storage of sensitive information within the web UI of Session Initiation Protocol (SIP)-based phone loads. An attacker could exploit this vulnerability by browsing to the IP address of a device that has Web Access enabled. A successful exploit could allow the attacker to access sensitive information, including incoming and outgoing call records.
Note: Web Access is disabled by default.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-infodisc-sbyqQVbG


Security Impact Rating: Medium


CVE: CVE-2024-20445
637
Сisсо Сhаnnеl

06 Nov, 16:10

Cisco Identity Services Engine Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vuln-DBQdWRy?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Vulnerabilities%26vs_k=1

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface, perform a path traversal attack, read and delete arbitrary files on an affected device, or conduct a server-side request forgery (SSRF) attack through the device.
For more information about these vulnerabilities, see the Details (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vuln-DBQdWRy?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Identity Services Engine Vulnerabilities%26vs_k=1#details) section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vuln-DBQdWRy

Security Impact Rating: Medium


CVE: CVE-2024-20525,CVE-2024-20527,CVE-2024-20528,CVE-2024-20529,CVE-2024-20530,CVE-2024-20531,CVE-2024-20532
425
Сisсо Сhаnnеl

06 Nov, 16:09

Cisco Identity Services Engine Authorization Bypass and Cross-Site Scripting Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-auth-bypass-BBRf7mkE?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Authorization%20Bypass%20and%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow a remote attacker to conduct an authorization bypass attack and cross-site scripting (XSS) attacks against a user of the web-based management interface on an affected device.
For more information about these vulnerabilities, see the Details (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-auth-bypass-BBRf7mkE?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Identity Services Engine Authorization Bypass and Cross-Site Scripting Vulnerabilities%26vs_k=1#details) section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-auth-bypass-BBRf7mkE

Security Impact Rating: Medium


CVE: CVE-2024-20537,CVE-2024-20538,CVE-2024-20539
378
Сisсо Сhаnnеl

06 Nov, 16:08

Cisco Identity Services Engine Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vulns-AF544ED5?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Vulnerabilities%26vs_k=1

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to either bypass the authorization mechanisms or conduct a cross-site scripting (XSS) attack.
For more information about these vulnerabilities, see the Details (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vulns-AF544ED5?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Identity Services Engine Vulnerabilities%26vs_k=1#details) section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vulns-AF544ED5

Security Impact Rating: Medium


CVE: CVE-2024-20476,CVE-2024-20487
367
Сisсо Сhаnnеl

06 Nov, 16:07

Cisco 6800, 7800, 8800, and 9800 Series Phones with Multiplatform Firmware Stored Cross-Site Scripting Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mpp-xss-8tAV2TvF?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%206800,%207800,%208800,%20and%209800%20Series%20Phones%20with%20Multiplatform%20Firmware%20Stored%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1

Multiple vulnerabilities in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks against users.
These vulnerabilities exist because the web UI of an affected device does not properly validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Note: To exploit these vulnerabilities, Web Access must be enabled on the phone and the attacker must have Admin credentials on the device. Web Access is disabled by default.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mpp-xss-8tAV2TvF

Security Impact Rating: Medium


CVE: CVE-2024-20533,CVE-2024-20534
367
Сisсо Сhаnnеl

06 Nov, 16:06

Cisco Nexus Dashboard Fabric Controller SQL Injection Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-sqli-CyPPAxrL?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Nexus%20Dashboard%20Fabric%20Controller%20SQL%20Injection%20Vulnerability%26vs_k=1

A vulnerability in a REST API endpoint and web-based management interface of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with read-only privileges to execute arbitrary SQL commands on an affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to a specific REST API endpoint or web-based management interface. A successful exploit could allow the attacker to read, modify, or delete arbitrary data on an internal database, which could affect the availability of the device. 

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-sqli-CyPPAxrL

Security Impact Rating: High


CVE: CVE-2024-20536
387
Сisсо Сhаnnеl

06 Nov, 16:05

Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point Command Injection Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-backhaul-ap-cmdinj-R7E28Ecs?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unified%20Industrial%20Wireless%20Software%20for%20Ultra-Reliable%20Wireless%20Backhaul%20Access%20Point%20Command%20Injection%20Vulnerability%26vs_k=1

A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points could allow an unauthenticated, remote attacker to perform command injection attacks with root privileges on the underlying operating system.
This vulnerability is due to improper validation of input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system of the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-backhaul-ap-cmdinj-R7E28Ecs

Security Impact Rating: Critical


CVE: CVE-2024-20418
350
Сisсо Сhаnnеl

06 Nov, 16:04

Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-xss-zYm3f49n?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Secure%20Email%20and%20Web%20Manager,%20Secure%20Email%20Gateway,%20and%20Secure%20Web%20Appliance%20Stored%20Cross-Site%20Scripting%20Vulnerability%26vs_k=1

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.
This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-xss-zYm3f49n


Security Impact Rating: Medium


CVE: CVE-2024-20504
360
Сisсо Сhаnnеl

06 Nov, 16:03

Cisco Nexus 3550-F Switches Access Control List Programming Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3550-acl-bypass-mhskZc2q?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Nexus%203550-F%20Switches%20Access%20Control%20List%20Programming%20Vulnerability%26vs_k=1

A vulnerability in the access control list (ACL) programming of Cisco Nexus 3550-F Switches could allow an unauthenticated, remote attacker to send traffic that should be blocked to the management interface of an affected device. 
This vulnerability exists because ACL deny rules are not properly enforced at the time of device reboot. An attacker could exploit this vulnerability by attempting to send traffic to the management interface of an affected device. A successful exploit could allow the attacker to send traffic to the management interface of the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3550-acl-bypass-mhskZc2q

Security Impact Rating: Medium


CVE: CVE-2024-20371
588
Сisсо Сhаnnеl

31 Oct, 15:43

AB sits with Matt Caulfield, VP of Identity and Duo at Cisco Security, for an informative discussion on MFA, social engineering, and AI in identity security.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
199
Сisсо Сhаnnеl

31 Oct, 15:43

Talking identity security, MFA, and the vision and strategy for Cisco’s identity portfolio with Matt Caulfield
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m10/talking-identity-security-mfa-and-the-vision-and-strategy-for-cisco-identity-portfolio-with-matt-caulfield.html?source=rss
193
Сisсо Сhаnnеl

31 Oct, 02:29

Learn how Cisco is moving Forward as One with AI, future-proofing workplaces, and the new Cisco 360 Partner Plan. Hear from Cisco executives and partners!
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
406
Сisсо Сhаnnеl

31 Oct, 02:29

Cisco News Now: Partner Summit Edition
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m10/cisco-news-now-partner-summit-edition.html?source=rss
383
Сisсо Сhаnnеl

30 Oct, 15:36

Cisco’s 2024 Consumer Privacy Survey reveals heightened risk awareness, support for thoughtful regulations, and insights on building trust.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
511
Сisсо Сhаnnеl

30 Oct, 15:36

How safe is our data? Consumers want to know
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m10/how-safe-is-our-data-consumers-want-to-know.html?source=rss
459
Сisсо Сhаnnеl

30 Oct, 11:00

Cisco Consumer Privacy Survey is an annual review of consumer behavior regarding privacy. It highlights the role of privacy awareness in fostering trust in AI.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
531
Сisсо Сhаnnеl

30 Oct, 11:00

New Cisco Survey Shows Strong Relationship Between Privacy Awareness and Trust in AI
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m10/cisco-survey-shows-strong-relationship-between-privacy-awareness-and-trust-in-ai.html?source=rss
457
Сisсо Сhаnnеl

29 Oct, 20:13

Power your GenAI ambitions with new Cisco AI-ready data center infrastructure
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m10/power-your-genai-ambitions-with-new-cisco-ai-ready-data-center-infrastructure.html?source=rss
549
Сisсо Сhаnnеl

29 Oct, 20:13

AI may hold the keys for your organization to unlock new levels of efficiency, insight, and value creation.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
589
Сisсо Сhаnnеl

29 Oct, 20:12

Cisco crisis response: reinstating connectivity to communities Impacted by Hurricane Helene
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m10/cisco-crisis-response-reinstating-connectivity-to-communities-impacted-by-hurricane-helene.html?source=rss
498
Сisсо Сhаnnеl

29 Oct, 20:12

Cisco Crisis Response powers an inclusive future by using our people, resources, tech, and partnerships to connect and empower crisis-affected communities.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
540
Сisсо Сhаnnеl

29 Oct, 16:42

Cisco Unveils Plug-and-Play AI Solutions, Accelerating AI Adoption for the Enterprise
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
535
Сisсо Сhаnnеl

25 Oct, 10:39

Cisco Adaptive Security Appliance and Firepower Threat Defense Software AnyConnect Access Control List Bypass Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Adaptive%20Security%20Appliance%20and%20Firepower%20Threat%20Defense%20Software%20AnyConnect%20%20Access%20Control%20List%20Bypass%20Vulnerabilities%26vs_k=1

Multiple vulnerabilities in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device.
These vulnerabilities are due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit these vulnerabilities by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf
This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).

Security Impact Rating: Medium


CVE: CVE-2024-20297,CVE-2024-20299
670
Сisсо Сhаnnеl

24 Oct, 12:16

Cisco News in 60 Seconds: What you need to know about WebexOne 2024
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m10/cisco-news-in-60-seconds-what-you-need-to-know-about-webexone-2024.html?source=rss
720
Сisсо Сhаnnеl

24 Oct, 12:16

Catch up on all the latest news from WebexOne 2024. See how Cisco and Apple have come together to create immersive video experiences.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
762
Сisсо Сhаnnеl

23 Oct, 17:38

Cisco Adaptive Security Appliance and Firepower Threat Defense Software VPN Web Client Services Cross-Site Scripting Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-yjj7ZjVq?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Adaptive%20Security%20Appliance%20and%20Firepower%20Threat%20Defense%20Software%20VPN%20Web%20Client%20Services%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1

Multiple vulnerabilities in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device.
These vulnerabilities are due to improper validation of user-supplied input to application endpoints. An attacker could exploit these vulnerabilities by persuading a user to follow a link designed to submit malicious input to the affected application. A successful exploit could allow the attacker to execute arbitrary HTML or script code in the browser in the context of the web services page. 
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-yjj7ZjVq

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).



Security Impact Rating: Medium


CVE: CVE-2024-20341,CVE-2024-20382
812
Сisсо Сhаnnеl

23 Oct, 17:37

Cisco Secure Client Software Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csc-dos-XvPhM3bj?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Secure%20Client%20Software%20Denial%20of%20Service%20Vulnerability%26vs_k=1

A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client.
This vulnerability is due to an integer underflow condition. An attacker could exploit this vulnerability by sending a crafted IKEv2 packet to an affected system. A successful exploit could allow the attacker to cause Cisco Secure Client Software to crash, resulting in a DoS condition on the client software.
Note: Cisco Secure Client Software releases 4.10 and earlier were known as Cisco AnyConnect Secure Mobility Client.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csc-dos-XvPhM3bj


Security Impact Rating: Medium


CVE: CVE-2024-20474
465
Сisсо Сhаnnеl

23 Oct, 17:36

Cisco Adaptive Security Appliance Software SSH Server Resource Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-dos-eEDWu5RM?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Adaptive%20Security%20Appliance%20Software%20SSH%20Server%20Resource%20Denial%20of%20Service%20Vulnerability%26vs_k=1

A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for the SSH server of an affected device.
This vulnerability is due to a logic error when an SSH session is established. An attacker could exploit this vulnerability by sending crafted SSH messages to an affected device. A successful exploit could allow the attacker to exhaust available SSH resources on the affected device so that new SSH connections to the device are denied, resulting in a DoS condition. Existing SSH connections to the device would continue to function normally. The device must be rebooted manually to recover. However, user traffic would not be impacted and could be managed using a remote application such as Cisco Adaptive Security Device Manager (ASDM).

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-dos-eEDWu5RM

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: Medium


CVE: CVE-2024-20526
283
Сisсо Сhаnnеl

23 Oct, 17:35

Cisco Firepower Threat Defense Software for Firepower 2100 Series TLS Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-QXYE5Ufy?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Firepower%20Threat%20Defense%20Software%20for%20Firepower%202100%20Series%20TLS%20Denial%20of%20Service%20Vulnerability%26vs_k=1

A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to an issue that occurs when TLS traffic is processed. An attacker could exploit this vulnerability by sending certain TLS traffic over IPv4 through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition and impacting traffic to and through the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-QXYE5Ufy

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: High


CVE: CVE-2024-20339
271
Сisсо Сhаnnеl

23 Oct, 17:34

Cisco Firepower Threat Defense Software Vulnerability Database with Snort Detection Engine Security Policy Bypass and Denial of Service Issue
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-vdb-snort-djj4cnbR?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Firepower%20Threat%20Defense%20Software%20Vulnerability%20Database%20with%20Snort%20Detection%20Engine%20Security%20Policy%20Bypass%20and%20Denial%20of%20Service%20Issue%26vs_k=1

An issue with a Cisco Vulnerability Database (VDB) release for Cisco Firepower Threat Defense (FTD) Software could cause the Snort detection engine to restart unexpectedly when inspecting traffic. While the Snort detection engine is restarting, traffic could bypass Snort inspection or be dropped, depending on the device configuration. For more information, see the Details (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-vdb-snort-djj4cnbR?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Firepower Threat Defense Software Vulnerability Database with Snort Detection Engine Security Policy Bypass and Denial of Service Issue%26vs_k=1#details) section of this advisory.
The Snort 2 and Snort 3 detection engines are both affected. The Snort detection engine will restart automatically. No manual intervention is required.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-vdb-snort-djj4cnbR

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: Informational
208
Сisсо Сhаnnеl

23 Oct, 17:33

Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series Appliances TCP UDP Snort 2 and Snort 3 Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd2100-snort-dos-M9HuMt75?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Firepower%20Threat%20Defense%20Software%20for%20Cisco%20Firepower%202100%20Series%20Appliances%20TCP%20UDP%20Snort%202%20and%20Snort%203%20Denial%20of%20Service%20Vulnerability%26vs_k=1

A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart unexpectedly.
This vulnerability is due to improper memory management when the Snort detection engine processes specific TCP or UDP packets. An attacker could exploit this vulnerability by sending crafted TCP or UDP packets through a device that is inspecting traffic using the Snort detection engine. A successful exploit could allow the attacker to restart the Snort detection engine repeatedly, which could cause a denial of service (DoS) condition. The DoS condition impacts only the traffic through the device that is examined by the Snort detection engine. The device can still be managed over the network.
Note: Once a memory block is corrupted, it cannot be cleared until the Cisco Firepower 2100 Series Appliance is manually reloaded. This means that the Snort detection engine could crash repeatedly, causing traffic that is processed by the Snort detection engine to be dropped until the device is manually reloaded.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd2100-snort-dos-M9HuMt75

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: High


CVE: CVE-2024-20330
170
Сisсо Сhаnnеl

23 Oct, 17:32

Cisco Firepower Threat Defense Software and Cisco FirePOWER Services TCP/IP Traffic with Snort 2 and Snort 3 Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort-fw-BCJTZPMu?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Firepower%20Threat%20Defense%20Software%20and%20Cisco%20FirePOWER%20Services%20TCP/IP%20Traffic%20with%20Snort%202%20and%20Snort%203%20Denial%20of%20Service%20Vulnerability%26vs_k=1

A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service (DoS) condition.
This vulnerability is due to the improper handling of TCP/IP network traffic. An attacker could exploit this vulnerability by sending a large amount of TCP/IP network traffic through the affected device. A successful exploit could allow the attacker to cause the Cisco FTD device to drop network traffic, resulting in a DoS condition. The affected device must be rebooted to resolve the DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort-fw-BCJTZPMu

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: High


CVE: CVE-2024-20351
207
Сisсо Сhаnnеl

23 Oct, 17:31

Cisco Firepower Threat Defense Software TCP Snort 3 Detection Engine Bypass Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-bypass-PTry37fX?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Firepower%20Threat%20Defense%20Software%20TCP%20Snort%203%20Detection%20Engine%20Bypass%20Vulnerability%26vs_k=1

A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are not affected by this vulnerability. 
This vulnerability is due to a logic error when handling embryonic (half-open) TCP connections. An attacker could exploit this vulnerability by sending a crafted traffic pattern through an affected device. A successful exploit could allow unintended traffic to enter the network protected by the affected device.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-bypass-PTry37fX

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: Medium


CVE: CVE-2024-20407
161
Сisсо Сhаnnеl

23 Oct, 17:30

Multiple Cisco Products Snort Rate Filter Bypass Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-rf-bypass-OY8f3pnM?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Multiple%20Cisco%20Products%20Snort%20Rate%20Filter%20Bypass%20Vulnerability%26vs_k=1

Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter.
This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-rf-bypass-OY8f3pnM

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: Medium


CVE: CVE-2024-20342
187
Сisсо Сhаnnеl

23 Oct, 17:29

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Remote Access VPN Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-cZf8gT?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Adaptive%20Security%20Appliance%20and%20Firepower%20Threat%20Defense%20Software%20Remote%20Access%20VPN%20Denial%20of%20Service%20Vulnerability%26vs_k=1

A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition on an affected device.
This vulnerability is due to improper validation of client key data after the TLS session is established. An attacker could exploit this vulnerability by sending a crafted key value to an affected system over the secure TLS session. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-cZf8gT

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).



Security Impact Rating: High


CVE: CVE-2024-20495
138
Сisсо Сhаnnеl

23 Oct, 17:28

Cisco Adaptive Security Appliance and Firepower Threat Defense Software TLS Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-tls-CWY6zXB?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Adaptive%20Security%20Appliance%20and%20Firepower%20Threat%20Defense%20Software%20TLS%20Denial%20of%20Service%20Vulnerability%26vs_k=1

A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.
This vulnerability is due to improper data validation during the TLS 1.3 handshake. An attacker could exploit this vulnerability by sending a crafted TLS 1.3 packet to an affected system through a TLS 1.3-enabled listening socket. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Note: This vulnerability can also impact the integrity of a device by causing VPN HostScan communication failures or file transfer failures when Cisco ASA Software is upgraded using Cisco Adaptive Security Device Manager (ASDM).

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-tls-CWY6zXB

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: High


CVE: CVE-2024-20494
188
Сisсо Сhаnnеl

23 Oct, 17:27

Cisco Firepower Threat Defense Software for Firepower 1000, 2100, 3100, and 4200 Series Static Credential Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Firepower%20Threat%20Defense%20Software%20for%20Firepower%201000,%202100,%203100,%20and%204200%20Series%20Static%20Credential%20Vulnerability%26vs_k=1

A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials.
This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: Critical


CVE: CVE-2024-20412
219
Сisсо Сhаnnеl

23 Oct, 17:26

Cisco Secure Firewall Management Center Software Command Injection Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-2HBkA97G?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Secure%20Firewall%20Management%20Center%20Software%20Command%20Injection%20Vulnerability%26vs_k=1

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating system.
This vulnerability is due to insufficient input validation of certain HTTP request parameters that are sent to the web-based management interface. An attacker could exploit this vulnerability by authenticating to the Cisco FMC web-based management interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute commands as the root user on the affected device. To exploit this vulnerability, an attacker would need Administrator-level credentials.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-2HBkA97G

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: Medium


CVE: CVE-2024-20374
157
Сisсо Сhаnnеl

23 Oct, 17:25

Cisco Firepower Threat Defense Software Geolocation ACL Bypass Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-geoip-bypass-MB4zRDu?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Firepower%20Threat%20Defense%20Software%20Geolocation%20ACL%20Bypass%20Vulnerability%26vs_k=1

A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy.
This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this vulnerability by sending traffic through an affected device. A successful exploit could allow the attacker to bypass a geolocation-based access control policy and successfully send traffic to a protected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-geoip-bypass-MB4zRDu

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: Medium


CVE: CVE-2024-20431
148
Сisсо Сhаnnеl

23 Oct, 17:24

Cisco Adaptive Security Virtual Appliance and Secure Firewall Threat Defense Virtual SSL VPN Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdvirtual-dos-MuenGnYR?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Adaptive%20Security%20Virtual%20Appliance%20and%20Secure%20Firewall%20Threat%20Defense%20Virtual%20SSL%20VPN%20Denial%20of%20Service%20Vulnerability%26vs_k=1

A vulnerability in the VPN and management web servers of the Cisco Adaptive Security Virtual Appliance (ASAv) and Cisco Secure Firewall Threat Defense Virtual (FTDv), formerly Cisco Firepower Threat Defense Virtual, platforms could allow an unauthenticated, remote attacker to cause the virtual devices to run out of system memory, which could cause SSL VPN connection processing to slow down and eventually cease all together.
This vulnerability is due to a lack of proper memory management for new incoming SSL/TLS connections on the virtual platforms. An attacker could exploit this vulnerability by sending a large number of new incoming SSL/TLS connections to the targeted virtual platform. A successful exploit could allow the attacker to deplete system memory, resulting in a denial of service (DoS) condition. The memory could be reclaimed slowly if the attack traffic is stopped, but a manual reload may be required to restore operations quickly.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdvirtual-dos-MuenGnYR

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: High


CVE: CVE-2024-20260
151
Сisсо Сhаnnеl

23 Oct, 17:23

Cisco Secure Firewall Management Center Software Cross-Site Scripting and Information Disclosure Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-infodisc-RL4mJFer?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Secure%20Firewall%20Management%20Center%20Software%20Cross-Site%20Scripting%20and%20Information%20Disclosure%20Vulnerabilities%26vs_k=1

Multiple vulnerabilities in Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an attacker to conduct cross-site scripting (XSS) attacks or access unauthorized information on an affected device. 
For more information about these vulnerabilities, see the Details (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-infodisc-RL4mJFer?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Secure Firewall Management Center Software Cross-Site Scripting and Information Disclosure Vulnerabilities%26vs_k=1#details) section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-infodisc-RL4mJFer

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: Medium


CVE: CVE-2024-20377,CVE-2024-20387,CVE-2024-20388
139

2025 All Right Reserved

Disclaimer: The content displayed on this website is solely provided by the respective Telegram channels. We hold no ownership or responsibility for the content shared by these channels.