Cisco публикува ъпдейти, отстраняващи уязвимости в някои продукти. Нападател дистанционно би използвал някои от тези уязвимости, за да поеме контрол над засегнатата система.
CERT България препоръчва на потребителите и администраторите да се запознаят със следните съвети за сигурност на Cisco и да приложат необходимите ъпдейти:
Cisco Cloud Services Platform 2100 Web Upload Function Code Injection Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-csp2100-injection
Multiple Vulnerabilities in Cisco Finesse – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-finesse
Cisco Policy Suite Read-Only User Effect Change Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-suite-change
Cisco Policy Suite World-Readable Sensitive Data Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-suite-data
Cisco SD-WAN Solution Local Buffer Overflow Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sd-wan-bo
Cisco SD-WAN Solution Command Injection Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sd-wan-cmd-inject
Cisco SD-WAN Solution Remote Code Execution Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sd-wan-code-ex
Multiple Vulnerabilities in Cisco Unified Contact Center Express – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-uccx
Cisco Unified Communications Manager IM And Presence Service Cross-Site Scripting Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-ucmim-ps-xss
Cisco Webex DOM-Based Cross-Site Scripting Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-DOM-xss
Cisco Webex Network Recording Players Denial of Service Vulnerabilities – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-dos
Cisco Webex Teams Remote Code Execution Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-teams-rce
Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode DHCP Version 6 Denial of Service Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos
Cisco SD-WAN Solution Zero Touch Provisioning Command Injection Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-ci
Cisco SD-WAN Solution VPN Subsystem Command Injection Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-cmdinj
Cisco SD-WAN Solution CLI Command Injection Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-cmdnjct
Cisco SD-WAN Solution Command Injection Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-coinj
Cisco SD-WAN Solution Configuration and Management Database Remote Code Execution Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-cx
Cisco SD-WAN Solution Zero Touch Provisioning Denial of Service Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-dos
Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-fo
Cisco Webex Network Recording Players Remote Code Execution Vulnerabilities – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-rce
Cisco Policy Suite Cluster Manager Default Password Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-cm-default-psswrd
Cisco Policy Suite Policy Builder Database Unauthenticated Access Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-unauth-access
Cisco Policy Suite OSGi Interface Unauthenticated Access Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-ps-osgi-unauth-access
Cisco Policy Suite Policy Builder Unauthenticated Access Vulnerability – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-pspb-unauth-access