A critical Cisco vulnerability exists in its administrative management tool for Cisco network security solutions. The flaw could allow an unauthenticated, remote attacker to gain administrative privileges on impacted devices. Cisco has released patches for the vulnerability (CVE-2019-16028), which has a score of 9.8 out of 10 on the CVSS scale, making it critical in severity. The vulnerability stems from improper handling of LDAP authentication responses from an external authentication server. Cisco customers can do the following to determine whether they are impacted.
Source: https://threatpost.com/cisco-critical-network-security-tool-flaw/152131/