1. 主页
  2. 保安警报
  3. 保安警报 (A21-07-02)

保安警报 (A21-07-02): Cisco 产品多个漏洞


 

发布日期: 2021年 7月 8日

  
  

描述:

Cisco 发布了安全公告以应对发现於 Cisco 装置及软件中的多个漏洞。有关漏洞及攻击向量的资料,请参阅供应商网站的相应安全公告。

 

受影响的系统:

  • Cisco Adaptive Security Device Manager
  • Cisco BroadWorks Application Server
  • Cisco Business Process Automation
  • Cisco Identity Services Engine
  • Cisco IP Phone 8800 Series, 8811, 8841, 8845, 8851, 8861, 8865
  • Cisco Video Surveillance 7000 Series IP Cameras
  • Cisco Virtualized Voice Browser
  • Cisco Web Security Appliance
  • Cisco Wireless IP Phone 8821

有关受影响产品的详细资料,请参阅供应商网站的相应安全公告中有关 “Affected Products” 的部分。

 

影响:

成功利用这些漏洞可以在受影响的系统导致执行任意程式码、跨网址程式编程、服务受阻断、泄漏资讯、权限提升或完全控制受影响的系统,视乎攻击者利用哪些漏洞而定。

 

建议:

适用於受影响系统的软件更新已可获取。受影响系统的系统管理员应遵从产品供应商的建议,立即采取行动以降低风险。有关修补程式的详细资料,请参阅供应商网站的相应安全公告中有关 “Fixed Software” 的部分。

系统管理员可联络其产品支援供应商,以取得修补程式及有关支援。

 

进一步信息:

  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asdm-rce-gqjShXW
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bpa-priv-esc-dgubwbH4
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-brcm-mxc-jul2021-26LqUZUh
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-broad-as-inf-disc-ZUXGFFXQ
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcamera-lldp-mem-wGqundTq
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcamera-lldpcdp-mem-yTQDmjRO
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-stored-xss-TWwjVPdL
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-scr-web-priv-esc-k3HCGJZ
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vvb-xss-wG4zXRp3
  • https://www.hkcert.org/tc/security-bulletin/cisco-products-remote-code-execution-vulnerability_20210708
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1359
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1562
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1574 (to CVE-2021-1576)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1585
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1595 (to CVE-2021-1597)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1603 (to CVE-2021-1605)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33478


标签 : Cisco , Cisco ASDM , Cisco BroadWorks Application Server , Cisco Business Process Automation , Cisco Identity Services Engine , Cisco IP Phone , Cisco IP Camera , Cisco Virtualized Voice Browser , Cisco Web Security Appliance
标签