Cisco releases patch for critical flaw in CiscoWorks

Cisco has released a patch that fixes a vulnerability in CiscoWorks Common Services that could allow an unauthenticated remote attacker to access application and host operating system files. The exploitability of this flaw is rated as high. Note that only CiscoWorks Common Services systems that run on Microsoft Windows are vulnerable. The Solaris version is not affected.

Specifically the following Cisco products that use CiscoWorks Common Services as their base are affected by this vulnerability.

* Cisco Unified Service Monitor versions 1.0, 1.1, 2.0, and 2.1
* CiscoWorks QoS Policy Manager versions 4.0 and 4.1
* CiscoWorks LAN Management Solution versions 2.5, 2.6, 3.0, and 3.1
* Cisco Security Manager versions 3.0, 3.1, and 3.2
* Cisco TelePresence Readiness Assessment Manager version 1.0
* CiscoWorks Voice Manager versions 3.0 and 3.1
* CiscoWorks Health and Utilization Monitor versions 1.0 and 1.1
* Cisco Unified Operations Manager versions 1.0, 1.1, 2.0, and 2.1
* Cisco Unified Provisioning Manager versions 1.0, 1.1, 1.2, and 1.3


Published by


Calin is a network engineer, with more than 20 years of experience in designing, installing, troubleshooting, and maintaining large enterprise WAN and LAN networks.

One thought on “Cisco releases patch for critical flaw in CiscoWorks”

Any opinion on this post? Please let me know:

This site uses Akismet to reduce spam. Learn how your comment data is processed.