Cisco 发布了安全公告以应对发现于 Cisco 产品中运行 Cisco FXOS Software、Cisco Adaptive Security Appliance (ASA) Software、Firepower Threat Defense (FTD) Software 或 Cisco Firepower Management Center (FMC) Software 的多个漏洞。有关漏洞及攻击向量的资料,请参阅供应商网站的相应安全公告。
有关受影响系统的详细资料,请参阅供应商网站的相应安全公告中有关“Affected Products”的部分。
成功利用这些漏洞可以在受影响的系统导致程式码插入、指令码插入、任意操作档案、跨网址请求伪造(CSRF)攻击、跨网址指令码攻击、服务受阻断、泄漏资讯、绕过保安限制及篡改。
适用于受影响系统的软件更新已可获取。受影响系统的系统管理员应遵从产品供应商的建议,立即采取行动以降低风险。有关修补程式的详细资料,请参阅供应商网站的相应安全公告中有关 “Fixed Software” 的部分。
系统管理员可联络其产品支援供应商,以取得修补程式及有关支援。
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-rxss-L54Htxp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-P73ABNWQ
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-tls-bb-2g9uWkP
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cacauthbyp-NCLGZm3Q
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-3WymYWKh
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-redirect-NYDuSEQn
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-6VqH4rpZ
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-bypass-3eCfd24j
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-container-esc-FmYqFBQV
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-hidcmd-pFDeWVBd
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-inline-dos-nXqUyEqM
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snmp-dos-R8ENPbOs
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-mf3822Z
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-GDcZDqAf
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dirtrav-NW8XcuSB
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dos-NjYvDcLA
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-sft-mitm-tc8AzFs2
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-b63rwKPm
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbp-XTuPkYTn
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbyp-KqP6NgrE
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxosfcm-csrf-uhO4e5BZ
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcp-intercept-bypass-xG9M3PbY
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3299
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3304
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3317
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3352
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3373
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3410
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3436
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3455 (to CVE-2020-3459)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3499
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3514
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3515
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3528
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3529
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3533
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3549
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3550
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3553 (to CVE-2020-3555)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3557
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3558
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3561 (to CVE-2020-3565)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3571
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3572
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3577
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3578
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3580 (to CVE-2020-3583)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3585
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3599