保安警报 (A21-10-06): Cisco 产品多个漏洞

描述:

Cisco 发布了安全公告以应对发现於 Cisco 装置及软件中的多个漏洞。有关漏洞及攻击向量的资料，请参阅供应商网站的相应安全公告。

受影响的系统:

• Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module
• Cisco ATA 190 Series Analog Telephone Adapter Software
• Cisco Business 220 Series Smart Switches
• Cisco DNA Center
• Cisco Email Security Appliance
• Cisco Identity Services Engine
• Cisco Intersight Virtual Appliance
• Cisco IP Phone Software
• Cisco Orbital
• Cisco RoomOS Software
• Cisco Small Business 220 Series Smart Switches
• Cisco Smart Software Manager On-Prem
• Cisco TelePresence Collaboration Endpoint Software
• Cisco Vision Dynamic Signage Director
• Cisco Web Security Appliance

有关受影响产品的详细资料，请参阅供应商网站的相应安全公告中有关 “Affected Products” 的部分。

影响:

成功利用这些漏洞可以在受影响的系统导致远端执行程式码、插入任意指令码、跨网址程式编程、服务受阻断、泄漏资讯、权限提升、绕过保安限制或仿冒诈骗，视乎攻击者利用哪些漏洞而定。

建议:

适用於受影响系统的软件更新已可获取。受影响系统的系统管理员应遵从产品供应商的建议，立即采取行动以降低风险。有关修补程式的详细资料，请参阅供应商网站的相应安全公告中有关 “Fixed Software”的部分。

系统管理员可联络其产品支援供应商，以取得修补程式及有关支援。

进一步信息:

• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-amp-redirect-rQ2Bu7dU
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-lib-hija-cAFB7x4q
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-A4J57F3
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cvdsd-xss-fvdj6HK
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-infodisc-KyC6YncS
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-url-bypass-sGcfsDrp
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-arbfileread-NPdtE2Ow
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-info-disc-pNXtLhdp
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-priv-esc-UwqPrBM3
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xxe-inj-V4VSjEsX
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-hardcoded-cred-MJCEXvX
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb220-lldp-multivuls-mVRUtQ8T
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssm-priv-esc-5g35cdDJ
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tpce-rmos-mem-dos-rck56tT
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsi2-command-inject-CGyC8y2R
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-dos-fmHdKswk
• https://www.hkcert.org/tc/security-bulletin/cisco-products-multiple-vulnerabilities_20211007
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1534
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1594
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34698
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34702
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34706
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34710
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34711
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34735
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34742
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34744
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34748
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34757
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34758
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34766
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34772
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34775 (to CVE-2021-34777)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34782
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34788