Cisco published on Wednesday 30 security advisories on vulnerabilities identified in its products. Half of them are for high and critical severity bugs. Only three alerts refer to security problems with critical impact; among them is the recently disclosed remote code execution vulnerability in Apache Struts, for which several proof-of-concept exploits exist. Cisco notes that not all of its products that include an affected Struts library are vulnerable because of the way they use the library. Only one Cisco product affected by this vulnerability received a patch, the others awaiting an update in the coming weeks or pending schedule for a fixed software release.
ORIGINAL SOURCE: Bleeping Computer