跳至主內容

思科產品多個漏洞

發佈日期: 2024年04月22日 535 觀看次數

風險: 中度風險

類型: 保安軟件及應用設備 - 保安軟件及應用設備

類型: 保安軟件及應用設備

於思科產品發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發遠端執行程式碼及權限提升。

注意﹕
已有 CVE-2024-20295和 CVE-2024-20356 的概念驗證碼。CVE-2024-20295漏洞需要至少具閱讀權限的本地用戶才能執行關鍵操作。另外,CVE-2024-20356漏洞需要至少具有資源管理員角色權限的用戶才能執行關鍵操作。因此,整體風險水平為中度風險。


影響

  • 遠端執行程式碼
  • 權限提升

受影響之系統或技術

  • 5000 Series Enterprise Network Compute Systems (ENCS)
  • Catalyst 8300 Series Edge uCPE
  • UCS C-Series M5, M6, and M7 Rack Servers in standalone mode
  • UCS E-Series Servers
  • UCS S-Series Storage Servers in standalone mode
  • 5520 and 8540 Wireless Controllers
  • Application Policy Infrastructure Controller (APIC) Servers
  • Business Edition 6000 and 7000 Appliances
  • Catalyst Center Appliances, formerly DNA Center
  • Cisco Telemetry Broker Appliance
  • Cloud Services Platform (CSP) 5000 Series
  • Common Services Platform Collector (CSPC) Appliances
  • Connected Mobile Experiences (CMX) Appliances
  • Connected Safety and Security UCS Platform Series Servers
  • Cyber Vision Center Appliances
  • Expressway Series Appliances
  • HyperFlex Edge Nodes
  • HyperFlex Nodes in HyperFlex Datacenter without Fabric Interconnect (DC-NO-FI) deployment mode
  • IEC6400 Edge Compute Appliances
  • IOS XRv 9000 Appliances
  • Meeting Server 1000 Appliances
  • Nexus Dashboard Appliances
  • Prime Infrastructure Appliances
  • Prime Network Registrar Jumpstart Appliances
  • Secure Email Gateways
  • Secure Email and Web Manager
  • Secure Endpoint Private Cloud Appliances
  • Secure Firewall Management Center Appliances, formerly Firepower Management Center
  • Secure Malware Analytics Appliances
  • Secure Network Analytics Appliances
  • Secure Network Server Appliances
  • Secure Web Appliances
  • Secure Workload Servers

解決方案

在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。

 

安裝供應商提供的修補程式:


漏洞識別碼


資料來源


相關連結