Cisco releases security patches for high severity flaws in Web Security Appliance (WSA) and Business Process Automation (BPA) that could lead to privilege escalation attacks.
The IT giant has patched two flaws – CVE-2021-1574, CVE-2021-1576 – in BPA. An authenticated attacker could remotely exploit these flaws to upgrade their privileges to Administrator. Both flaws are located in the Business Process Automation’s (BPA) web-based management interface, and they have a CVSS score of 8.8.
Cisco has fixed these flaws with the release of version 3.1 and later.
To Read More: securityaffairs
For more such updates follow us on Google News ITsecuritywire News.