思科產品多個漏洞
風險: 中度風險
類型: 操作系統 - Network
於思科產品發現多個漏洞,遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況、權限提升、遠端執行程式碼、繞過保安限制、敏感資料洩露及資料篡改。
影響
- 阻斷服務
- 權限提升
- 遠端執行程式碼
- 繞過保安限制
- 資料洩露
- 篡改
受影響之系統或技術
- Cisco SD-WAN
- Cisco Small Business Routers
- Cisco Unified Communications
詳情請參閱以下連結﹕
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-YuTVWqy
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-q3rxHnvm
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-Q4PZcNzJ
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-pqVYwyb
解決方案
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
- 安裝供應商提供的修補程式:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-YuTVWqy
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-q3rxHnvm
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-Q4PZcNzJ
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-pqVYwyb
漏洞識別碼
- CVE-2021-1137
- CVE-2021-1251
- CVE-2021-1308
- CVE-2021-1309
- CVE-2021-1362
- CVE-2021-1380
- CVE-2021-1407
- CVE-2021-1408
- CVE-2021-1409
- CVE-2021-1459
- CVE-2021-1472
- CVE-2021-1473
- CVE-2021-1479
- CVE-2021-1480
資料來源
相關連結
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-YuTVWqy
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-q3rxHnvm
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-Q4PZcNzJ
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-pqVYwyb
https://www.auscert.org.au/bulletins/ESB-2021.1165
https://www.auscert.org.au/bulletins/ESB-2021.1168
分享至