The vendor also issued estimated bug-fix dates for an unpatched, high-severity Secure Boot flaw that was disclosed on Monday. The vendor is warning of critical remote code-execution (RCE) vulnerabilities in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network (EPN) Manager. The vulnerabilities exist because the software improperly validates user-supplied input in SQL queries, Cisco says. The patches are part of a larger group of fixes that Cisco dropped on Wednesday.
Source: https://threatpost.com/cisco-webex-remote-code-execution/144805/