思科產品多個漏洞

影響

• 跨網站指令碼
• 阻斷服務
• 繞過保安限制
• 資料洩露

受影響之系統或技術

• 思科Email Security Appliances (ESA)
• 思科Web Security Appliance (WSA)
• 思科Identity Services Engine (ISE)
• 思科IOS XR Software

詳情請參閱以下連結﹕
https://tools.cisco.com/security/center/publicationListing.x

解決方案

在安裝軟體之前，請先瀏覽供應商之網站，以獲得更多詳細資料。

安裝供應商提供的修補程式：

• 思科 Email Security Appliances (ESA)

詳情請參閱以下連結﹕
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-resource-exhaust-D7RQAhnD
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cont-sec-gui-dos-nJ625dXb

• 思科 Web Security Appliance (WSA)

詳情請參閱以下連結﹕
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cont-sec-gui-dos-nJ625dXb

• 思科 Identity Services Engine (ISE)

詳情請參閱以下連結﹕
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-BR7nEDjG

• 思科 IOS XR Software

詳情請參閱以下連結﹕
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipsec-dos-q8UPX6m

漏洞識別碼

• CVE-2020-3157
• CVE-2020-3164
• CVE-2020-3181
• CVE-2020-3190

資料來源

• Cisco
• AusCERT

相關連結

• https://tools.cisco.com/security/center/publicationListing.x
• https://www.auscert.org.au/bulletins/ESB-2020.0803/
• https://www.auscert.org.au/bulletins/ESB-2020.0802/
• https://www.auscert.org.au/bulletins/ESB-2020.0801.2/
• https://www.auscert.org.au/bulletins/ESB-2020.0800/