Cisco has released security updates to address vulnerabilities in multiple Cisco products, including Cisco Nexus Switches and MDS 9000 Series Multilayer Switches.

Affected Systems

1. Cisco Nexus Switches

• Nexus 3000 Series Switches

• Nexus 5500 Platform Switches

• Nexus 5600 Platform Switches

• Nexus 6000 Series Switches

• Nexus 7000 Series Switches

• Nexus 9000 Series Switches in standalone NX-OS mode

2. Cisco MDS Multi-layer Switches

• MDS 9000 Series Multilayer Switches

Security Risks

If successfully exploited, the identified vulnerabilities in Cisco products could enable an attacker to take control of an affected system and carry out malicious activities.

 For the full list of security patches released by Cisco, please refer to the Cisco Security Advisory.

Recommended Actions

The National Cyber Security Authority (NCSA) recommends users and system administrators to:

• Follow and put in place the security updates shared by Cisco to lower the risk of vulnerability exploitation.

• Before updating or patching, please ensure that you have the latest backup that can easily be restored.

For further information and support, please contact the National Cyber Security Authority (NCSA) by email to rwcsirt@ncsa.gov.rw or call us on 9009.

References

• https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP

• Security Advisories