Blog

Cisco released the below critical security advisory yesterday regarding a vulnerability in the SSL VPN functionality of Cisco ASA software. Contact us if you have questions or would like help with the remediation of this vulnerability. 

"On March 6, 2017, Apache disclosed a vulnerability in the Jakarta multipart parser of Apache Struts could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability has been assigned CVE-ID CVE-2017-5638. " (Cisco Security Advisory) 

On February 2, 2017 Cisco announced a major issue affecting products from their routing, switching, security and server product lines. Reference Tables A through D below for a full list of affected products and part numbers.

This weekend Cisco released a high severity Security Advisory confirming a vulnerability in its implementation of the IKEv1 protocol in products running Cisco’s IOS, IOS-XE and IOS-XR software.