wagov · DGovEnterprise · May 17, 2024 · May 17, 2024 · May 17, 2024 · May 17, 2024
diff --git a/...ode-Execution-Multiple-Vulnerabilities md → ...ode-Execution-Multiple-Vulnerabilities.md b/...ode-Execution-Multiple-Vulnerabilities md → ...ode-Execution-Multiple-Vulnerabilities.md
diff --git a/...advisories/20240517002-Cisco-Releases-Security-Updates-for-Multiple-Products.md b/...advisories/20240517002-Cisco-Releases-Security-Updates-for-Multiple-Products.md
@@ -0,0 +1,39 @@
+# Cisco Releases Security Updates for Multiple Products - 20240517002
+
+## Overview
+
+Cisco has released security updates to address vulnerabilities in Cisco software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
+
+## What is vulnerable?
+
+- [Cisco Crosswork Network Services Orchestrator](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f "Cisco Crosswalk Network Services Orchestrator")
+- [Cisco Crosswork Network Services Orchestrator Privilege Escalation](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-hcc-priv-esc-OWBWCs5D "Cisco Crosswork Network Services Orchestrator Privilege Escalation")
+- [ConfD CLI Privilege Escalation and Arbitrary File Read and Write](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8 "ConfD CLI Privilege Escalation and Arbitrary File Read and Write")
+- [Cisco Secure Client for Windows with Network Access Manager Module Privilege Escalation](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-nam-priv-esc-szu2vYpZ "Cisco Secure Client for Windows with Network Access Manager Module Privilege Escalation")
+- [Cisco Crosswork Network Services Orchestrator Open Redirect](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-ordir-MNM8YqzO "Cisco Crosswork Network Services Orchestrator Open Redirect")
+- [Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Cross-Site Scripting](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Cross-Site Scripting")
+- [Cisco Secure Email Gateway HTTP Response Splitting](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-http-split-GLrnnOwS "Cisco Secure Email Gateway HTTP Response Splitting")
+- [Cisco AppDynamics Network Visibility Service Denial of Service](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appd-netvisdos-9zNbsJtK "Cisco AppDynamics Network Visibility Service Denial of Service")
+
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *one month...* (refer [Patch Management](../guidelines/patch-management.md)):
+
+- Refer to the 'Fixed Software' section of each advisory for product specific Cisco software fixes:
+
+    - [Cisco Crosswork Network Services Orchestrator](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-rwpesc-qrQGnh3f#fs "Cisco Crosswalk Network Services Orchestrator")
+    - [Cisco Crosswork Network Services Orchestrator Privilege Escalation](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-hcc-priv-esc-OWBWCs5D#fs "Cisco Crosswork Network Services Orchestrator Privilege Escalation")
+    - [ConfD CLI Privilege Escalation and Arbitrary File Read and Write](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8#fs "ConfD CLI Privilege Escalation and Arbitrary File Read and Write")
+    - [Cisco Secure Client for Windows with Network Access Manager Module Privilege Escalation](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-nam-priv-esc-szu2vYpZ#fs "Cisco Secure Client for Windows with Network Access Manager Module Privilege Escalation")
+    - [Cisco Crosswork Network Services Orchestrator Open Redirect](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-ordir-MNM8YqzO#fs "Cisco Crosswork Network Services Orchestrator Open Redirect")
+    - [Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Cross-Site Scripting](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD#fs "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Cross-Site Scripting")
+    - [Cisco Secure Email Gateway HTTP Response Splitting](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-http-split-GLrnnOwS#fs "Cisco Secure Email Gateway HTTP Response Splitting")
+    - [Cisco AppDynamics Network Visibility Service Denial of Service](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appd-netvisdos-9zNbsJtK#fs "Cisco AppDynamics Network Visibility Service Denial of Service")
+
+
+## Additional References
+
+- [Security Advisories (cisco.com)](https://sec.cloudapps.cisco.com/security/center/publicationListing.x)
+- [Cisco Releases Security Updates for Multiple Products | CISA](https://www.cisa.gov/news-events/alerts/2024/05/16/cisco-releases-security-updates-multiple-products)
+