【雲智維資安預警通知】
一、摘要
思科產品存在多個漏洞,允許遠端攻擊者利用這些漏洞,於目標系統觸發阻斷服務狀況、權限提升及繞過身份驗證。
二、存在風險
思科產品存在多個漏洞,允許遠端攻擊者利用這些漏洞,於目標系統觸發阻斷服務狀況、權限提升及繞過身份驗證,受影響之系統或技術如下:
受影響之系統/漏洞描述:
Cisco IOS Software
Cisco IOS XE Software
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software
Cisco Secure Firewall Threat Defense (FTD) Software
三、建議改善措施:
企業及使用者如有上述漏洞版本應儘速更新。
情資報告連結:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3100_4200_tlsdos-2yNSCd54
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-buffer-overflow-PyRUhWBC
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-acl-bypass-mtPze9Yh
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-cmdinj-VEhFeZQ3
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dhcp-qj7nGs4N
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-http-file-hUyX2jL4
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ios-dos-DOESHWHy
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-nat-dns-dos-bqhynHTM
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssltls-dos-eHw76vZe
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpn-dos-mfPekA6e
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpnwebs-dos-hjBhmBsX
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp2k-IPsec-dos-tjwgdZCO