{"id":32592,"date":"2020-01-03T20:10:45","date_gmt":"2020-01-03T20:10:45","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/"},"modified":"2020-01-03T20:10:45","modified_gmt":"2020-01-03T20:10:45","slug":"new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/","title":{"rendered":"New year, new critical Cisco patches to install \u2013 this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc"},"content":{"rendered":"

Cisco is kicking off 2020 with the release of a crop of patches for its Data Center Network Manager.<\/p>\n

The updates<\/a> address a total of 12 CVE-listed patches and range in severity from moderate to critical, though should all be patched<\/a> regardless of rating. Nearly all were found within the REST and SOAP APIs.<\/p>\n

The immediate priority should be cleaning up CVE-201915975, CVE-201915976, and CVE-201915975, a trio<\/a> of authentication bypass bugs that can be exploited remotely without authentication.<\/p>\n

The three flaws are all related to the use of static encryption keys or credentials used by DCNM. CVE-2019-15975 allows an attacker to use the static key via REST API to craft a new, valid session token which grants admin privileges. CVE-2019-15976 describes the same issue via the SOAP API, while CVE-2019-15977 describes static credentials that only allow access to “certain confidential information,” but that infomation could be used for other attacks.<\/p>\n

Also patched were three path traversal vulnerabilities<\/a> in DCNM that, while bad in their own right, become an even bigger risk when paired with the above-mentioned authentication bypass bugs. An attacker can exploit the authentication bypass flaws for admin access, then use the path traversal bugs to get access to other devices and data. Those flaws were designated CVE-2019-15980 and CVE-2019-15981.<\/p>\n

\"cisco\"<\/p>\n

Cisco slips on a Tolkien ring: One chip design to rule them all, one design to find them. One design to bring them all…<\/h2>\n

READ MORE<\/span><\/a><\/div>\n

CVE-2019-15984 and CVE-2019-15985 are SQL injection flaws<\/a> inside the REST and SOAP APIs that would allow a remote baddie to send arbitrary SQL commands. Both CVE-2019-15978 and CVE-2019-15979 allow<\/a> the remote injection of OS commands.<\/p>\n

Information disclosure is also possible via CVE-2019-15983<\/a>, which Cisco describes as an XML External Entity Read Access vulnerability – basically, the bad guy uses SOAP API commands to send XML that can then read arbitrary files. This requires admin access, which, luckily, is awarded via exploiting one of the earlier bypass flaws. Like we said, beware chained exploits.<\/p>\n

Finally, there is CVE-2019-15999<\/a>, a flaw that would allow a remote attacker to get low-privilege access to JBoss Enterprise Application Platform, a component that should only be accessible to local accounts.<\/p>\n

Admins are advised to review, test, and install all of the patches as soon as possible. \u00ae<\/p>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Data Center Network Manager bugapalooza with three must-fix flaws Cisco is kicking off 2020 with the release of a crop of patches for its Data Center Network Manager.\u2026 READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":32593,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-32592","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"\nNew year, new critical Cisco patches to install \u2013 this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New year, new critical Cisco patches to install \u2013 this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-01-03T20:10:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/01\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"174\" \/>\n\t<meta property=\"og:image:height\" content=\"115\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"New year, new critical Cisco patches to install \u2013 this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc\",\"datePublished\":\"2020-01-03T20:10:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\\\/\"},\"wordCount\":415,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/01\\\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\\\/\",\"name\":\"New year, new critical Cisco patches to install \u2013 this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/01\\\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc.jpg\",\"datePublished\":\"2020-01-03T20:10:45+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/01\\\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/01\\\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc.jpg\",\"width\":174,\"height\":115},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"New year, new critical Cisco patches to install \u2013 this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"New year, new critical Cisco patches to install \u2013 this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/","og_locale":"en_US","og_type":"article","og_title":"New year, new critical Cisco patches to install \u2013 this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-01-03T20:10:45+00:00","og_image":[{"width":174,"height":115,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/01\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"New year, new critical Cisco patches to install \u2013 this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc","datePublished":"2020-01-03T20:10:45+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/"},"wordCount":415,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/01\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/","url":"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/","name":"New year, new critical Cisco patches to install \u2013 this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/01\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc.jpg","datePublished":"2020-01-03T20:10:45+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/01\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/01\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc.jpg","width":174,"height":115},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/new-year-new-critical-cisco-patches-to-install-this-time-for-a-dirty-dozen-of-bugs-that-can-be-exploited-to-sidestep-auth-inject-commands-etc\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"New year, new critical Cisco patches to install \u2013 this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/32592","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=32592"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/32592\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/32593"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=32592"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=32592"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=32592"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}