Cisco发布了安全公告以应对发现于Cisco IOS、IOS XE、IOS XR及NX-OS软件中的多个漏洞。未获认证的远端攻击者可以向受影响系统发出特制的查询或产生大量连接,从而攻击这些漏洞。获认证的攻击者可以向受影响系统发出特制的查询、加载可疑软件映像,执行任意指令或插入恶意USB装置,从而攻击这些漏洞。
有关受影响系统的详细资料,请参阅供应商网站的相应安全公告中有关“Affected Products”的部分。
成功利用这些漏洞的攻击者可以在受影响的系统导致泄漏资讯、服务受阻断、执行任意指令、篡改、权限提升、绕过保安限制或控制受影响的系统。
适用于受影响系统的软件更新已可获取。受影响系统的系统管理员应遵从产品供应商的建议,立即采取行动以降低风险。有关修补程式的详细资料,请参阅供应商网站的相应安全公告中有关 “Fixed Software” 的部分。
系统管理员可联络其产品支援供应商,以取得修补程式及有关支援。
https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-72547
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-awr
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ctspac-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-dt
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ftp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-http-client
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-httpserv-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iosxe-codeexec
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iosxe-ctbypass
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iosxe-digsig-bypass
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iosxe-fsdos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iox
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iox-gs
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-isdn-data-leak
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-nxos-vman-cmd-inj
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxss
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-alg
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-tsec
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-utd
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman-cmd-injection
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privesc
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xss
https://www.hkcert.org/my_url/zh/alert/19092601
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12646 (to CVE-2019-12651)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12653 (to CVE-2019-12672)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12717