思科產品多個漏洞
最後更新
2022年10月21日
發佈日期:
2022年10月06日
1638
觀看次數
風險: 中度風險
類型: 保安軟件及應用設備 - 保安軟件及應用設備
在思科產品發現多個漏洞,遠端攻擊者可利用這些漏洞在目標系統觸發繞過保安限制、遠端執行程式碼、篡改、權限提升及跨網站指令碼。
[Updated on 2022-10-21]
注意:CVE-2022-20917 的概念驗證碼已被公開
影響
- 繞過保安限制
- 權限提升
- 遠端執行程式碼
- 篡改
- 跨網站指令碼
受影響之系統或技術
- Cisco Enterprise NFV Infrastructure Software
- Cisco Expressway Series and Cisco TelePresence Video Communication Server
- Cisco Touch 10 Devices
- Cisco Secure Web Appliance Content Encoding Filter
- Cisco BroadWorks Hosted Thin Receptionist
- Cisco ATA 190 Series Analog Telephone Adapter Software
- Cisco Smart Software Manager On-Prem
概念驗證碼已被公開:
- Cisco Jabber Client Software Extensible Messaging and Presence Protocol
解決方案
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-NFVIS-ISV-BQrvEv2h
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-csrf-sqpsSfY6
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-CTT-DAV-HSvEHHEt
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-CTT-IVV-4A66Dsfj
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-bwBfugek
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-thinrcpt-xss-gSj4CecU
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-GEZYVvs
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-SEjz69dv
概念驗證碼已被公開:
漏洞識別碼
- CVE-2022-20686
- CVE-2022-20687
- CVE-2022-20688
- CVE-2022-20689
- CVE-2022-20690
- CVE-2022-20691
- CVE-2022-20766
- CVE-2022-20793
- CVE-2022-20814
- CVE-2022-20853
- CVE-2022-20917
- CVE-2022-20929
- CVE-2022-20931
- CVE-2022-20939
- CVE-2022-20948
- CVE-2022-20952
資料來源
相關連結
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-NFVIS-ISV-BQrvEv2h
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-csrf-sqpsSfY6
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-CTT-DAV-HSvEHHEt
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-CTT-IVV-4A66Dsfj
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-bwBfugek
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-thinrcpt-xss-gSj4CecU
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-GEZYVvs
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-SEjz69dv
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-xmpp-Ne9SCM
分享至