Cisco публикува ъпдейти за защита на много продукти – 08.06.2018

​Cisco публикува ъпдейти, отстраняващи уязвимости в много продукти. Нападател дистанционно би използвал някои от тези уязвимости, за да поеме контрол над засегнатата система.

CERT България препоръчва на потребителите и администраторите да се запознаят със следните съвети за сигурност на Cisco и да приложат необходимите ъпдейти:

  • Cisco Prime Collaboration Provisioning – Unauthenticated Remote Method Invocation Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-rmi

  • Cisco IOS XE Software Authentication, Authorization, and Accounting Login Authentication –  Remote Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-aaa

  • Cisco Web Security Appliance Layer 4 Traffic Monitor – Security Bypass Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-wsa

  • Cisco Prime Collaboration Provisioning – SQL Injection Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-sql

  • Cisco Prime Collaboration Provisioning – Unauthorized Password Reset Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-password-reset

  • Cisco Prime Collaboration Provisioning – Unauthorized Password Recovery Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-password-recovery

  • Cisco Prime Collaboration Provisioning – Access Control Bypass Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-bypass

  • Cisco Prime Collaboration Provisioning – Access Control Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-access

  • Cisco Network Services Orchestrator – Arbitrary Command Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-nso

  • Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Session Initiation Protocol Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-multiplatform-sip

  • Multiple Cisco Products Disk Utilization – Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-diskdos

  • Cisco Meeting Server – Information Disclosure Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-cms-id

  • Cisco Adaptive Security Appliance Web Services –  Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd