1. 主页
  2. 保安警报
  3. 保安警报 (A24-04-06)

保安警报 (A24-04-06): Cisco 产品多个漏洞


 

发布日期: 2024年 4月 5日

  
  

描述:

Cisco 发布了安全公告,以应对 Cisco 产品的多个漏洞。有关漏洞及攻击向量的资料,请参阅供应商网站的相应安全公告。

 

受影响的系统:

  • Cisco Emergency Responder
  • Cisco Enterprise Chat and Email
  • Cisco Identity Services Engine
  • Cisco Nexus Dashboard
  • Cisco Nexus Dashboard Fabric Controller
  • Cisco Nexus Dashboard Orchestrator
  • Cisco Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 Routers
  • Cisco TelePresence Management Suite
  • Cisco Unified Communications Manager IM & Presence Service

有关受影响系统的详细资料,请参阅供应商网站的相应安全公告中有关 “Affected Products” 的部分。

 

影响:

成功利用漏洞可以在受影响的系统导致泄漏资讯、权限提升、绕过保安限制或仿冒诈骗。

 

建议:

适用于受影响系统的修补程式已可获取。受影响系统的系统管理员应遵从供应商的建议,立即採取行动以降低风险。有关修补程式的详细资料,请参阅供应商网站的相应安全公告中有关 “Fixed Software”的部分。

系统管理员应联络其供应商,以取得修补程式及有关支援。

 

进一步资讯:

  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cem-csrf-suCmNjFr
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-imps-xss-quWkd9yF
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-xss-CSQxgxfM
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-csrf-NfAKXrp5
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-ssrf-FtSTh5Oz
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-dir-trav-SSn3AYDw
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfccsrf-TEmZEfJ9
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndidv-LmXdvAf2
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndo-upav-YRqsCcSP
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndru-pesc-kZ2PQLZH
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbiz-rv-xss-OQeRTup
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tms-xss-kGw4DX9Y
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20281 (to CVE-2024-20283)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20302
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20310
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20332
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20334
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20347 (to CVE-2024-20348)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20352
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20362
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20367 (to CVE-2024-20368)


标签 : Cisco , Cisco Emergency Responder , Cisco Enterprise Chat and Email , Cisco Identity Services Engine , Cisco Nexus Dashboard , Cisco Router , Cisco TelePresence Management Suite , Cisco Unified Communications
标签