【雲智維資安預警通知】
存在風險
思科產品存在多個漏洞,允許遠端攻擊者利用這些漏洞,於目標系統觸發阻斷服務狀況、權限提升、遠端執行程式碼、繞過身份驗證、洩露資料洩露及資料篡改,其影響系統或版本如下:
受影響之系統/漏洞描述:
1000 Series Integrated Services Routers (ISRs)
1100 Series Integrated Service Routers (ISRs)
4000 Series ISRs
800 Series Industrial ISRs
Catalyst 1000 Switches
Catalyst 2960-L Series Switches
Catalyst 2960CX Series Switches
Catalyst 2960X Series Switches
Catalyst 2960XR Series Switches
Catalyst 3560CX Series Switches
Catalyst 8200 Series Edge Platforms
Catalyst 8300 Series Edge Platforms
Catalyst 8500 Series Edge Platforms
Catalyst 8500L Series Edge Platforms
Catalyst 9100 Family of Access Points (COS-AP)
Catalyst 9800 Embedded Wireless Controller for Catalyst 9300, 9400, and 9500 Series Switches
Catalyst 9800 Embedded Wireless Controllers for Catalyst 9300, 9400, and 9500 Series Switches
Catalyst 9800 Series Wireless Controllers
Catalyst 9800-CL Wireless Controllers for Cloud
CGR1000 Compute Modules
Cisco ASA Software
Cisco ASR 903 Aggregation Services Routers with RSP3C
Cisco FTD Software
Cisco IOS Software
Cisco IOS XE Software
Cisco IOS XE Software for WLCs
Cisco WLC AireOS Software
Embedded Wireless Controller on Catalyst 9100X Series Access Points
Embedded Wireless Controller on Catalyst APs
Embedded Wireless Controllers on Catalyst Access Points
Embedded Wireless Controllers on Catalyst APs
IC3000 Industrial Compute Gateways
IE 2000 Series
IE 4000 Series
IE 4010 Series
IE 5000 Series
Integrated access points (APs) in Integrated Service Routers (ISR)1100 (Wi-Fi 6)
IR510 WPAN Industrial Routers
Wi-Fi 6 pluggable module for Catalyst IR1800 Rugged Series Routers
建議改善措施:
企業及使用者如有上述漏洞版本應儘速更新。
情資報告連結:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bootstrap-KfgxYgdh
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-user-del-hQxMpUDj
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-95Fqnf7b
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsgacl-pg6qfZk
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-netconf-nacm-bypass-TGZV9pmQ
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmpv3-qKEYvzsy
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-multi-ARNHM4v6
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr903-rsp3-arp-dos-WmfzdvJZ
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c2960-3560-sboot-ZtqADrHq
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-cdp-dos-fpeks9K
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-http-privesc-wCRd5e3
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-dhcpsn-dos-xBn8Mtks
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ikev1-dos-XHk3HzFC
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-multiprod-ikev2-dos-gPctUqv2
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sisf-dos-ZGwt4DdY
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-twamp-kV4FHugn
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdinj-gVn3OKNC
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-wncd-p6Gvt6HL
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC