思科產品多個漏洞
發佈日期:
2024年09月27日
1533
觀看次數
風險: 中度風險
類型: 保安軟件及應用設備 - 保安軟件及應用設備
於思科產品發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況、權限提升、遠端執行任意程式碼、洩露敏感資料、資料篡改、跨網站指令碼及繞過保安限制。
影響
- 阻斷服務
- 遠端執行程式碼
- 繞過保安限制
- 權限提升
- 跨網站指令碼
- 資料洩露
- 篡改
受影響之系統或技術
- 1000 Series Integrated Services Routers (ISRs) running a vulnerable release of Cisco IOS XE Software
- 1000 Series Integrated Services Routers (ISRs) running a vulnerable release of Cisco UTD Snort IPS Engine for Cisco IOS XE Software
- 4000 Series ISRs running a vulnerable release of Cisco UTD Snort IPS Engine for Cisco IOS XE Software
- Catalyst 8000v Edge Software running a vulnerable release of Cisco IOS XE Software
- Catalyst 8000V Edge Software running a vulnerable release of Cisco UTD Snort IPS Engine for Cisco IOS XE Software
- Catalyst 8200 Series Edge Platforms running a vulnerable release of Cisco IOS XE Software
- Catalyst 8200 Series Edge Platforms running a vulnerable release of Cisco UTD Snort IPS Engine for Cisco IOS XE Software
- Catalyst 8300 Series Edge Platforms running a vulnerable release of Cisco IOS XE Software
- Catalyst 8300 Series Edge Platforms running a vulnerable release of Cisco UTD Snort IPS Engine for Cisco IOS XE Software
- Catalyst 8500L Edge Platforms running a vulnerable release of Cisco IOS XE Software
- Catalyst 8500L Series Edge Platforms running a vulnerable release of Cisco UTD Snort IPS Engine for Cisco IOS XE Software
- Catalyst 9300X Series Switches running a vulnerable release of Cisco IOS XE Software
- Catalyst 9400X Supervisor Engines running a vulnerable release of Cisco IOS XE Software
- Catalyst 9500X Series Switches running a vulnerable release of Cisco IOS XE Software
- Catalyst 9600 Series Switches running a vulnerable release of Cisco IOS XE Software
- Catalyst 9800 Embedded Wireless Controllers for Catalyst 9300, 9400, and 9500 Series Switches running a vulnerable release of Cisco IOS XE Software
- Catalyst 9800 Series Wireless Controllers running a vulnerable release of Cisco IOS XE Software
- Catalyst 9800-CL Wireless Controllers for Cloud running a vulnerable release of Cisco IOS XE Software
- Catalyst IR8300 Rugged Series Routers running a vulnerable release of Cisco IOS XE Software
- Catalyst IR8300 Rugged Series Routers running a vulnerable release of Cisco UTD Snort IPS Engine for Cisco IOS XE Software
- Cisco ASR 1000 Series Aggregation Services Routers running Cisco IOS XE Software Release 17.12.1 or 17.12.1a.
- Cisco Catalyst Center
- Cisco Catalyst SD-WAN Manager
- Cisco cBR-8 Converged Broadband Routers running Cisco IOS XE Software Release 17.12.1 or 17.12.1a.
- Cisco IOS and IOS XE Software
- Crosswork NSO
- Embedded Wireless Controllers on Catalyst Access Points running a vulnerable release of Cisco IOS XE Software
- Industrial Ethernet 4000 Series Switches running Cisco IOS Software Release 15.2(8)E2 or later
- Industrial Ethernet 4010 Series Switches running Cisco IOS Software Release 15.2(8)E2 or later
- Industrial Ethernet 5000 Series Switches running Cisco IOS Software Release 15.2(8)E2 or later
- Optical Site Manager
- RV340 Dual WAN Gigabit VPN Routers
- SD-WAN vEdge Cloud Routers
- SD-WAN vEdge Routers
詳情請參閱以下連結﹕
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cpp-vfr-dos-nhHKGgO
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ssh-e4uOdASj
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-httpsrvr-dos-yOZThut
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-webui-HfwnRgk
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sda-edge-dos-MBcbG9k
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pim-APbVfySJ
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-repacl-9eXgnBpD
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rsvp-dos-OypvgVZf
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-vedos-KqFfhps3
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-utd-dos-hDATqxs
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-xss-zQ4KPvYd
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-utd-snort3-dos-bypas-b4OUEwxD
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vlan-dos-27Pur5RT
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-csrf-ycUYxkKO
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-cwa-acl-nPSbHSnA
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-auth-bypass-QnTEesp
解決方案
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cpp-vfr-dos-nhHKGgO
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ssh-e4uOdASj
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-httpsrvr-dos-yOZThut
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-webui-HfwnRgk
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sda-edge-dos-MBcbG9k
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pim-APbVfySJ
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-repacl-9eXgnBpD
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rsvp-dos-OypvgVZf
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-vedos-KqFfhps3
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-utd-dos-hDATqxs
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-xss-zQ4KPvYd
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-utd-snort3-dos-bypas-b4OUEwxD
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vlan-dos-27Pur5RT
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-csrf-ycUYxkKO
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-cwa-acl-nPSbHSnA
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-auth-bypass-QnTEesp
漏洞識別碼
- CVE-2024-20350
- CVE-2024-20381
- CVE-2024-20414
- CVE-2024-20433
- CVE-2024-20434
- CVE-2024-20436
- CVE-2024-20437
- CVE-2024-20455
- CVE-2024-20464
- CVE-2024-20465
- CVE-2024-20467
- CVE-2024-20475
- CVE-2024-20480
- CVE-2024-20496
- CVE-2024-20508
- CVE-2024-20510
資料來源
相關連結
- https://portal.auscert.org.au/bulletins/ESB-2024.6224/
- https://portal.auscert.org.au/bulletins/ESB-2024.6223/
- https://portal.auscert.org.au/bulletins/ESB-2024.6222/
- https://portal.auscert.org.au/bulletins/ESB-2024.6221/
- https://portal.auscert.org.au/bulletins/ESB-2024.6220/
- https://portal.auscert.org.au/bulletins/ESB-2024.6219/
- https://portal.auscert.org.au/bulletins/ESB-2024.6218/
- https://portal.auscert.org.au/bulletins/ESB-2024.6217/
- https://portal.auscert.org.au/bulletins/ESB-2024.6216/
- https://portal.auscert.org.au/bulletins/ESB-2024.6215/
- https://portal.auscert.org.au/bulletins/ESB-2024.6214/
- https://portal.auscert.org.au/bulletins/ESB-2024.6213/
- https://portal.auscert.org.au/bulletins/ESB-2024.6212/
- https://portal.auscert.org.au/bulletins/ESB-2024.6211/
- https://portal.auscert.org.au/bulletins/ESB-2024.6210/
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cpp-vfr-dos-nhHKGgO
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ssh-e4uOdASj
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-httpsrvr-dos-yOZThut
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-webui-HfwnRgk
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sda-edge-dos-MBcbG9k
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pim-APbVfySJ
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-repacl-9eXgnBpD
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rsvp-dos-OypvgVZf
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-vedos-KqFfhps3
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-utd-dos-hDATqxs
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-xss-zQ4KPvYd
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-utd-snort3-dos-bypas-b4OUEwxD
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vlan-dos-27Pur5RT
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-csrf-ycUYxkKO
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-cwa-acl-nPSbHSnA
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-auth-bypass-QnTEesp
分享至