Cisco Patches High-Severity Vulnerabilities in IOS Software


Cisco has issued patches for 11 vulnerabilities, including seven high-severity flaws in IOS and IOS XE, as part of its semiannual security advisory. The most severe issues include six denial-of-service (DoS) vulnerabilities affecting various components, which can be remotely exploited without authentication, and a cross-site request forgery (CSRF) flaw in IOS XE's web-based management interface. Additionally, patches were released for two high-severity bugs in the SSH server of Catalyst Center (CVE-2024-20350) and the JSON-RPC API in Crosswork NSO (CVE-2024-20381), along with medium-severity flaws in multiple products. No active exploitation of these vulnerabilities has been reported.

Read More


thumb-image

Solutions