政府电脑保安事故协调中心 - 保安警报 (A21-03-09): Cisco 产品多个漏洞

描述:

Cisco 发布了安全公告以应对发现于 Cisco 装置及软件中的多个漏洞。有关漏洞及攻击向量的资料，请参阅供应商网站的相应安全公告。

受影响的系统:

Cisco IOS XE SD-WAN 软件
Cisco Jabber
Cisco 运行 IOS 的产品
Cisco 运行IOS XE 的产品
Cisco 运行IOx 的产品
Cisco 运行Cisco Access Point 软件的产品
Cisco 运行Cisco Aironet Series Access Point 软件的产品

有关受影响产品的详细资料，请参阅供应商网站的相应安全公告中有关“Affected Products”的部分。

影响:

成功利用这些漏洞可以在受影响的系统导致插入任意指令码、执行任意程式码、服务受阻断、泄漏资讯、绕过保安限制、系统重启、篡改、权限提升或完全控制受影响的系统，视乎攻击者利用哪些漏洞而定。

建议:

适用于受影响系统的软件更新已可获取。受影响系统的系统管理员应遵从产品供应商的建议，立即采取行动以降低风险。有关修补程式的详细资料，请参阅供应商网站的相应安全公告中有关 “Fixed Software” 的部分。

系统管理员可联络其产品支援供应商，以取得修补程式及有关支援。

进一步信息:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-info-disc-BfWqghj
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-mdns-dos-E6KwYuMx
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-alg-dos-hbBS7SZE
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-privesc-wEVfp8Ud
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arp-mtfhBfjE
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-jabber-PWrTATTC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-capwap-dos-2OA3JgKS
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-xss-cAfMtCzv
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fast-Zqr6DD5
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-cat-verify-BQ5hrXgH
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-evss-code-exe-8cw5VSvw
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-iot-codexec-k46EFF6q
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-os-cmd-inj-Ef6TV5e9
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-pnp-priv-esc-AmG3kuVL
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-arbfile-FUxskKDE
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-buffover-CqdRWLc
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cswsh-FKk9AzT5
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-decnet-dos-cuPWDkyL
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwdos-4zeEeC9w
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwpathtrav-nsrue2Mt
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webcmdinjsh-UFJxTgZD
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-cmdinj-RkSURGHG
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-pt-hWGcPf7g
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncs520-tcp-ZpzzOxB
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-clipriv-9TO2QGVp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-esc-rSNVvTf9
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-ACE-75K3bRWe
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-BLKH-Ouvrnf2s
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-FSM-Yj8qJbJc
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-OFP-6Nezgn7b
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-SAP-OPLbze68
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xe-webui-dos-z9yqYQAn
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwcinj-t68PPW7m
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1220
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1281
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1352
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1356
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1371
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1373 (to CVE-2021-1377)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1381 (to CVE-2021-1385)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1390 (to CVE-2021-1392)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1394
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1398
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1411
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1418
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1423
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1431 (to CVE-2021-1437)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1439
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1441 (to CVE-2021-1443)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1446
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1449
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1451 (to CVE-2021-1454)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1460
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1469
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1471

标签 : Cisco , Cisco IOS , Cisco SD-WAN , Cisco Jabber , Cisco IOx , Cisco Access Point , Cisco Aironet AP