Security advisories

Multiple Vulnerabilities in Cisco Products

February 27, 2019 | 1 MIN READ

Speak With A Security Expert Now

TALK TO AN EXPERT

On May 2, 2018, Cisco reported on three vulnerabilities with CVSS scores of critical. The three vulnerabilities allow for remote code execution on affected systems. CVE-2018-02641 impacts Cisco WebEx, CVE-2018-02582 affects Cisco Prime File Upload and CVE-2018-02533 affect Cisco Secure Access Control Systems; for a full list of affected products see the Additional Information section below. At the time of writing, exploitation of these vulnerabilities has not been observed in the wild.

What we’re doing about it

What you should do about it

Additional information

CVE Details:

CVE-2018-0264

CVE-2018-0253

CVE-2018-0258

It should be noted that these vulnerabilities are not related to the Cisco WebEx vulnerability CVE-2018-0112, released on April 18 4.

Affected Products:

CVE-2018-0264

CVE-2018-0258

CVE-2018-0253


References:

[1] Cisco WebEx Advanced Recording Format Remote Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-war

[2] Cisco Prime File Upload Servlet Path Traversal and Remote Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-prime-upload

[3] Cisco Secure Access Control System Remote Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-acs1

[4] Security Advisory: WebEx Remote Code Execution Vulnerability, designated CVE-2018-0112
https://www.esentire.com/security-advisories/webex-remote-code-execution-vulnerability/

View Most Recent Advisories