Security updates for Cisco products
Cisco, the networking equipment supplier, has issued security updates for several of its network components. Vulnerabilities in the Application Control Engine (ACE) and Application Network Manager (ANM) router modules enable attackers to obtain unauthorised access, gain extended access rights, manipulate data and cause a denial of service (DoS) condition.
In Unified MeetingPlace Web Conferencing, the server-based conferencing product, users without a valid account can acquire administrative rights and then possibly change settings. Cisco's advisories list the vulnerable product versions, describe the problems in further detail and provide patches to fix them.
See also:
- Cisco ACE Application Control Engine Device Manager and Application Networking Manager Vulnerabilities, a Cisco advisory.
- Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine, a Cisco advisory.
- Cisco Unified MeetingPlace Web Conferencing Authentication Bypass Vulnerability, a Cisco advisory.
(crve)