Cisco Releases Security Updates for Multiple Products

Threat ID:: CC-3933
Threat Severity:: Information only
Published:: 27 August 2021 11:04 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Affected platforms

The following platforms are known to be affected:

Versions: QNX Software Development Platform (SDP) – 6.5.0SP1 and earlier, QNX OS for Medical – 1.1 and earlier, QNX OS for Safety – 1.0.1 and earlier

Blackberry QNX

Versions: Cisco APIC and Cisco Cloud APIC

Cisco Application Policy Infrastructure Controller

Versions: 9000 Series (in ACI mode)

Cisco Nexus 9000 Series Switches

Versions: Nexus 3000 Series Switches, Nexus 7000 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode

Cisco NX-OS

Threat details

Introduction

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

Remediation advice

Affected organisations are encouraged to review the following Cisco Security Advisories and apply the necessary updates or workarounds.

Remediation steps

Type	Step
Patch	BlackBerry QNX-2021-001 Vulnerability Affecting Cisco Products https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-qnx-TOxjVPdL
Patch	Cisco Application Policy Infrastructure Controller Arbitrary File Read and Write Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-frw-Nt3RYxR2
Patch	Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ngoam-dos-LTDb9Hv
Patch	Cisco NX-OS Software MPLS OAM Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-mpls-oam-dos-sGO9x5GM
Patch	Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-tcp-dos-YXukt6gM
Patch	Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-queue-wedge-cLDDEfKF
Patch	Cisco Application Policy Infrastructure Controller Privilege Escalation Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-pesc-pkmGK4J
Patch	Cisco Application Policy Infrastructure Controller App Privilege Escalation Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-chvul-CKfGYBh8

Last edited: 27 August 2021 12:30 pm