Cisco публикува ъпдейти за защита за множество продукти -19.04.2018

Cisco публикува много ъпдейти, отстраняващи уязвимости в сигурността на множество продукти. Нападател дистанционно би използвал някои от тези уязвимости, за да поеме контрол над засегнатата система.

CERT България препоръчва на потребителите и администраторите да се запознаят със следните съвети за сигурност на Cisco и да приложат необходимите ъпдейти:

  • Cisco WebEx Clients  – Remote Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-wbs

  • Cisco UCS Director Virtual Machine  – Information Disclosure Vulnerability for End User Portal

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-uscd

  • Cisco StarOS Interface Forwarding –  Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-staros

  • Cisco IOS XR Software UDP Broadcast Forwarding  – Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxr

  • Cisco Firepower Detection Engine Secure Sockets Layer – Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fpsnort

  • Cisco Firepower 2100 Series Security Appliances IP Fragmentation – Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100

  • Cisco ASA Software, FTD Software, and AnyConnect Secure Mobility Client SAML –  Authentication Session Fixation Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asaanyconnect

  • Cisco Adaptive Security Appliance Application Layer Protocol Inspection – Denial of Service Vulnerabilities

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect

  • Cisco Adaptive Security Appliance TLS – Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3

  • Cisco Adaptive Security Appliance Flow Creation – Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa2

  • Cisco Adaptive Security Appliance Virtual Private Network SSL Client Certificate – Bypass Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1

https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir&offset=20#~Vulnerabilities