思科產品多個漏洞
發佈日期:
2023年01月13日
1548
觀看次數
風險: 中度風險
類型: 保安軟件及應用設備 - 保安軟件及應用設備
於思科產品發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況、遠端執行任意程式碼、洩露敏感資料、資料篡改、跨網站指令碼及繞過保安限制。
影響
- 遠端執行程式碼
- 跨網站指令碼
- 繞過保安限制
- 資料洩露
- 阻斷服務
- 篡改
受影響之系統或技術
- Cisco BroadWorks Application Delivery Platform Device Management Software
- Cisco BroadWorks Application Server
- Cisco BroadWorks Xtended Services Platform
- Cisco CX Cloud Agent
- Cisco IND
- Cisco NSO
- IP Phone 7800 Series
- IP Phone 8800 Series
- Packaged Contact Center Enterprise (CCE)
- RoomOS Software in cloud-aware on-premises operation, which is cloud based
- RV160 VPN Routers
- RV160W Wireless-AC VPN Routers
- RV260 VPN Routers
- RV260P VPN Routers with PoE
- RV260W Wireless-AC VPN Routers
- RV340 Dual WAN Gigabit VPN Routers
- RV340W Dual WAN Gigabit Wireless-AC VPN Routers
- RV345 Dual WAN Gigabit VPN Routers
- RV345P Dual WAN Gigabit POE VPN Routers
- TelePresence CE Software
- Unified CCE
- Unified Contact Center Express (CCX)
- Webex Room Phone
- Webex Share
解決方案
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-xss-Omm8jyBX
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-auth-bypass-pSqxZRPR
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cxagent-gOq9QjqZ
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ind-fZyVjJtG
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-xss-EzqDXqG4
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-roomos-dkjGFgRK
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lldp-memlk-McOecPT
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-cmd-exe-n47kJQLE
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-rcedos-7HjP74jD
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-dos-HpkeYzp
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-path-trvsl-zjBeMkZg
漏洞識別碼
- CVE-2023-20002
- CVE-2023-20007
- CVE-2023-20008
- CVE-2023-20018
- CVE-2023-20019
- CVE-2023-20020
- CVE-2023-20037
- CVE-2023-20038
- CVE-2023-20040
- CVE-2023-20043
- CVE-2023-20044
- CVE-2023-20045
- CVE-2023-20047
- CVE-2023-20058
資料來源
相關連結
- https://www.auscert.org.au/bulletins/ESB-2023.0180
- https://www.auscert.org.au/bulletins/ESB-2023.0179
- https://www.auscert.org.au/bulletins/ESB-2023.0178
- https://www.auscert.org.au/bulletins/ESB-2023.0177
- https://www.auscert.org.au/bulletins/ESB-2023.0176
- https://www.auscert.org.au/bulletins/ESB-2023.0175
- https://www.auscert.org.au/bulletins/ESB-2023.0174
- https://www.auscert.org.au/bulletins/ESB-2023.0173
- https://www.auscert.org.au/bulletins/ESB-2023.0172
- https://www.auscert.org.au/bulletins/ESB-2023.0170
- https://www.auscert.org.au/bulletins/ESB-2023.0169
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-xss-Omm8jyBX
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-auth-bypass-pSqxZRPR
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cxagent-gOq9QjqZ
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ind-fZyVjJtG
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-xss-EzqDXqG4
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-roomos-dkjGFgRK
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lldp-memlk-McOecPT
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-cmd-exe-n47kJQLE
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-rcedos-7HjP74jD
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-dos-HpkeYzp
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-path-trvsl-zjBeMkZg
分享至