Cisco публикува ъпдейти за защита на много продукти – 21.06.2018

Cisco публикува ъпдейти, отстраняващи уязвимости в сигурността на много продукти. Нападател дистанционно би използвал някои от тези уязвимости, за да поеме контрол над засегнатата система.

CERT България препоръчва на потребителите и администраторите да се запознаят със следните съвети за сигурност на Cisco и да приложат необходимите ъпдейти:

·  Cisco NX-OS Software NX-API – Arbitrary Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-bo

·  Cisco FXOS and NX-OS Software Cisco Fabric Services –  Arbitrary Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-fab-ace

·  Cisco FXOS and NX-OS Software Cisco Fabric Services – Arbitrary Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-ace

·  Cisco FXOS and NX-OS Software Cisco Fabric Services – Arbitrary Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fx-os-fabric-execution

·  Cisco FXOS and NX-OS Software Cisco Fabric Services – Arbitrary Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fx-os-cli-execution

·  Cisco NX-OS Software CLI – Arbitrary Command Injection Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-injection

·  Cisco NX-OS Software Authenticated Simple Network Management Protocol – Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp

·  Cisco NX-OS Software Role-Based Access Control – Elevated Privileges Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac

·  Cisco NX-OS Software Internet Group Management Protocol Snooping – Remote Code Execution and Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosigmp

·  Cisco NX-OS Software Border Gateway Protocol – Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosbgp

·  Cisco FXOS and NX-OS Software – Unauthorized Administrator Account Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin

·  Cisco NX-OS Software NX-API – Privilege Escalation Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-nxapi

·  Cisco FXOS, NX-OS, and UCS Manager Software Cisco Discovery Protocol  – Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp

·  Cisco FXOS and NX-OS Software Cisco Fabric Services – Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos

·  Cisco FXOS and NX-OS Software Cisco Fabric Services – Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos

·  Cisco NX-OS Software CLI – Arbitrary Command Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-cli-execution

·  Cisco NX-OS Software NX-API – Arbitrary Command Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-api-execution

·  Cisco Nexus 4000 Series Switch Simple Network Management Protocol Polling – Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n4k-snmp-dos

·  Cisco Nexus 3000 and 9000 Series CLI and Simple Network Management Protocol Polling – Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-n3k-n9k-clisnmp

·  Cisco FXOS Software and UCS Fabric Interconnect Web UI – Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-dos

·  Cisco FXOS Software and UCS Fabric Interconnect – Arbitrary Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-ace

· Cisco FXOS and NX-OS Software Cisco Discovery Protocol  – Arbitrary Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos

· Cisco FXOS and NX-OS Software Cisco Fabric Services  – Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fx-os-fabric-dos

· Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 – Security Appliance Path Traversal Vulnerability

      https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-    firepwr-pt