Summary
Cisco security updates address several vulnerabilities, including one with a severity of “critical” and one with a severity of “high,” present in several products.
Risk
Estimate of the impact of the vulnerability on the reference community: MEDIUM/YELLOW (62.31/100)1.
Type
- Security Restrictions Bypass
- Privilege Escalation
Affected products and/or versions
- Cisco Smart Licensing Utility
- Cisco Meraki Systems Manager (SM) Agent for Windows
Mitigation actions
In line with the vendor statements, it is recommended to update the vulnerable products following the indications of the security bulletin reported in the References section.
Unique Vulnerability Identifiers
The following are only the CVEs for the “Critical” and “High” severity vulnerabilities:
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw
1This estimate is based on several parameters, including: CVSS, availability of patches/workarounds and PoC, and the prevalence of affected software/devices in the target community.
