【雲智維資安預警通知】
一、摘要
思科產品存在多個漏洞,允許遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況、洩露敏感資料及遠端執行任意程式碼。
二、存在風險
思科產品存在多個漏洞,允許遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況、洩露敏感資料及遠端執行任意程式碼,其影響系統如下:
受影響之系統/漏洞描述:
MDS 9000 Series Multilayer Switches
Nexus 1000 Virtual Edge for VMware vSphere
Nexus 3000 Series Switches
Nexus 3000 Series Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 9000 Series Fabric Switches in ACI mode
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9000 Series Switches in standalone NX-OS mode
UCS 6400 Series Fabric Interconnects
UCS 6400 Series Fabric Interconnects
UCS 6500 Series Fabric Interconnects
UCS 6500 Series Fabric Interconnects
UCS X-Series Direct Fabric Interconnect 9108 100G
三、建議改善措施
企業及使用者如有上述漏洞版本應儘速更新。
情資報告連結:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n39k-isis-dos-JhJA8Rfx
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-infodis-TEcTYSFG
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmdinj-qhNze5Ss