From ccd0fe4b73e7d7ae699b8a6250c5da1181667465 Mon Sep 17 00:00:00 2001 From: Serki Ashagre <132869385+LSerki@users.noreply.github.com> Date: Fri, 6 Sep 2024 11:22:21 +0800 Subject: [PATCH] Cisco Publishes Critical Update - 20240906003 --- .../20240906003-Cisco-Publishes-Critical-Update.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/advisories/20240906003-Cisco-Publishes-Critical-Update.md b/docs/advisories/20240906003-Cisco-Publishes-Critical-Update.md index fbf722b9..097c6bca 100644 --- a/docs/advisories/20240906003-Cisco-Publishes-Critical-Update.md +++ b/docs/advisories/20240906003-Cisco-Publishes-Critical-Update.md @@ -6,10 +6,10 @@ The WA SOC has been made aware of multiple vulnerabilities in Cisco Smart Licens ## What is vulnerable? -| Product(s) Affected | Version(s) | CVE | CVSS | Severity | -| ------------------- | ---------- | ----------------------------------------------------------------- | ---- | ------------ | -| | | [CVE-2024-20439](https://nvd.nist.gov/vuln/detail/CVE-2024-20439) | 9.8 | **Critical** | -| | | [CVE-2024-20440](https://nvd.nist.gov/vuln/detail/CVE-2024-20440) | 7.5 | High | +| Product(s) Affected | Version(s) | CVE | CVSS | Severity | +| ------------------- | ---------- | ----------------------------------------------------------------------------------------------------------------------------------------- | ------------- | ---------------------------------------------------------------- | +| Cisco Smart Licensing Utility | versions before 2.3.0 | [CVE-2024-20439](https://nvd.nist.gov/vuln/detail/CVE-2024-20439) | 9.8 | **Critical** | +| Cisco Smart Licensing Utility | versions before 2.3.0 | [CVE-2024-20440](https://nvd.nist.gov/vuln/detail/CVE-2024-20440) | 7.5 | High | ## What has been observed? @@ -17,7 +17,7 @@ There is no evidence of exploitation affecting Western Australian Government net ## Recommendation -The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *one month...* (refer [Patch Management](../guidelines/patch-management.md)): +The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *48 hours...* (refer [Patch Management](../guidelines/patch-management.md)): - [Cisco Smart Licensing Utility Vulnerabilities](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw)