Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cisco Issues Fixes to Multiple Vulnerabilities

Cisco Systems this week reported security vulnerabilities in several products and issued patches to fix them.

Independent researchers discovered a privilege escalation vulnerability that could allow attackers who already have authenticated access to the command line interface to obtain access to the underlying operating system of certain products.

Impacted products include the CiscoWorks Wireless LAN Solution Engine (WLSE), Hosting Solution Engine, User Registration Tool, Ethernet Subscriber Solution Engine and CiscoWorks 2000 Service Management Solution.

Cisco has issued patches for the affected products except the latter two, which are discontinued and no longer supported.

The San Jose, Calif.-based vendor also issued a separate advisory for WLSE, which is also susceptible to a cross site scripting vulnerability that may allow an attacker to gain administrative privileges on the system.

  • 1