From prodefence.org
Cisco released new security update with the patches for several vulnerabilities that affected various Cisco products including Cisco Web Security Appliance, Cisco IP phone, Fabric switches, Email Security Appliances and more.
Totality 19 vulnerabilities are fixed, in which 10 vulnerabilities are categorized under high severity, 8 fixed under Medium severity, 1 fixed under informational.
A vulnerability ( CVE-2019-1894 ) affected Cisco Enterprise NFV Infrastructure Software allows a remote attacker who has admin level permission will overwrite or read arbitrary files on vulnerable devices.
Another high severity vulnerability (CVE-2019-1892 ) resides in the Secure Sockets Layer (SSL) input packet processor let a remote attacker cause memory corruption on Cisco Small Business 200, 300, and 500 Series Managed Switches.