1. 主页
  2. 保安警报
  3. 保安警报 (A21-02-10)

保安警报 (A21-02-10): Cisco产品多个漏洞


 

发布日期: 2021年 2月 25日

  
  

描述:

Cisco 发布了安全公告以应对发现于 Cisco Application Services Engine、Cisco 运行 NX-OS 的产品、Cisco 运行 FX-OS 的产品及 Cisco Nexus 9000 Series中的多个漏洞。有关漏洞及攻击向量的资料,请参阅供应商网站的相应安全公告。

 

受影响的系统:

  • Cisco ACI Multi-Site Orchestrator
  • Cisco Application Services Engine
  • Cisco 运行 NX-OS 的产品
  • Cisco 运行 FX-OS 的产品
  • Cisco Nexus 9000 Series

有关受影响产品的详细资料,请参阅供应商网站的相应安全公告中有关“Affected Products”的部分。

 

影响:

成功利用这些漏洞可以在受影响的系统导致服务受阻断、绕过保安限制、系统重启、篡改、未获认证的服务权限访问或全面控制受影响系统,视乎攻击者利用哪些漏洞而定。

 

建议:

适用于受影响系统的软件更新已可获取。受影响系统的系统管理员应遵从产品供应商的建议,立即采取行动以降低风险。有关修补程式的详细资料,请参阅供应商网站的相应安全公告中有关 “Fixed Software” 的部分。

系统管理员可联络其产品支援供应商,以取得修补程式及有关支援。

 

进一步信息:

  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-lldap-dos-WerV9CFj
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-case-mvuln-dYrDPC6w
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mso-authbyp-bb5GmBQv
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-unauth-access-5PWzDx2w
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipv6-netstack-edXPGV7K
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-nxapi-csrf-wRMzWL9z
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-dos-Y8SjMz4
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1227 (to CVE-2021-1231)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1361
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1367
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1368
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1387
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1388
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1393
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1396

 



标签 : Cisco , Cisco NX-OS , Cisco FXOS , Cisco Nexus Switch , Cisco Application Services Engine , Cisco ACI
标签