===================================================================== CERT-Renater Note d'Information No. 2021/VULN062 _____________________________________________________________________ DATE : 03/02/2022 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Cisco Small Business RV Series Routers, Cisco Umbrella Secure Web Gateway, Cisco Prime Service Catalog software versions prior to 12.1 patch v18 (Feb 2022), Cisco DNA Center Systems versions prior to 2.2.3.4. ===================================================================== https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swg-fbyps-3z4qT7p https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cpsc-info-disc-zkJBDJ9F https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-info-disc-8QEynKEj _____________________________________________________________________ Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2022-February-02. The following PSIRT security advisories (1 Critical, 3 Medium) were published at 16:00 UTC today. Table of Contents: 1) Cisco Small Business RV Series Routers Vulnerabilities - SIR: Critical 2) Cisco Umbrella Secure Web Gateway File Inspection Bypass Vulnerability - SIR: Medium 3) Cisco Prime Service Catalog Information Disclosure Vulnerability - SIR: Medium 4) Cisco DNA Center Information Disclosure Vulnerability - SIR: Medium +-------------------------------------------------------------------- 1) Cisco Small Business RV Series Routers Vulnerabilities CVE-2022-20699, CVE-2022-20700, CVE-2022-20701, CVE-2022-20702, CVE-2022-20703, CVE-2022-20704, CVE-2022-20705, CVE-2022-20706, CVE-2022-20707, CVE-2022-20708, CVE-2022-20709, CVE-2022-20710, CVE-2022-20711, CVE-2022-20712, CVE-2022-20749 SIR: Critical CVSS Score v(3.1): 10.0 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D"] +-------------------------------------------------------------------- 2) Cisco Umbrella Secure Web Gateway File Inspection Bypass Vulnerability CVE-2022-20738 SIR: Medium CVSS Score v(3.1): 5.8 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swg-fbyps-3z4qT7p ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swg-fbyps-3z4qT7p"] +-------------------------------------------------------------------- 3) Cisco Prime Service Catalog Information Disclosure Vulnerability CVE-2022-20680 SIR: Medium CVSS Score v(3.1): 4.3 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cpsc-info-disc-zkJBDJ9F ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cpsc-info-disc-zkJBDJ9F"] +-------------------------------------------------------------------- 4) Cisco DNA Center Information Disclosure Vulnerability CVE-2022-20630 SIR: Medium CVSS Score v(3.1): 4.4 URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-info-disc-8QEynKEj ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-info-disc-8QEynKEj"] ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================