Cisco fixes three high-level bugs, but a fourth remains unpatched


Cisco Systems this week issued disclosed a dozen software vulnerabilities, including four high-severity flaws, one of which has not been patched.

The flaw with no current fix is CVE-2020-3155: a validation error in the SSL implementation of Cisco Intelligent Proximity, a solution that helps laptops, smartphones and other devices automatically discover and link with Webex video devices and collaboration endpoints. If exploited, the vulnerability could enable remote attackers to view or alter information shared on these Webex devices and endpoints.

Read more…