政府电脑保安事故协调中心 - 保安警报 (A22-11-11): Cisco 产品多个漏洞

描述:

Cisco 发布了安全公告，以应对 Cisco 装置及软件中的多个漏洞。有关漏洞及攻击向量的资料，请参阅供应商网站的相应安全公告。

受影响的系统:

Cisco Adaptive Security Appliance Software
Cisco Cyber Vision
Cisco Firepower Management Center Software
Cisco Firepower Software for ASA Firepower Module
Cisco Firepower Threat Defense Software
Cisco FXOS Software
Cisco Meraki MX Security Appliances
Cisco NGIPS Software
Cisco Secure Firewall 3100 Series
Cisco Umbrella Secure Internet Gateway

有关受影响产品的详细资料，请参阅供应商网站的相应安全公告中有关 “Affected Products” 的部分。

影响:

成功利用漏洞可以在受影响的系统导致插入任意指令码、跨网址程式编程、服务被拒绝、泄漏资讯、权限提升或绕过保安限制，视乎攻击者利用哪些漏洞而定。

建议:

现已有适用于受影响系统的软件更新。受影响系统的系统管理员应遵从产品供应商的建议，立即採取行动以降低风险。有关修补程式的详细资料，请参阅供应商网站的相应安全公告中有关 “Fixed Software”的部分。

系统管理员可联络其产品支援供应商，以取得修补程式及有关支援。

进一步资讯:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vp-authz-N2GckjN6
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-Z3B5MY35
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-info-disc-UghNRRhP
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-LATZYzxs
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xxe-MzPC4bYd
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmcsfr-snmp-access-6gqgtJ4S
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-privesc-7GqR2th
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-bb-rCgtmY2
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-dos-A4cHeArC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-client-dos-cCrQPkA
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20831 (to CVE-2022-20836)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20838 (to CVE-2022-20840)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20843
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20854
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20872
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20905
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20918
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20922
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20924 (to CVE-2022-20928)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20932
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20934 (to CVE-2022-20936)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20940 (to CVE-2022-20941)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20943
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20946 (to CVE-2022-20947)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20949 (to CVE-2022-20950)

标签 : Cisco , Cisco ASA , Cisco Cybervision , Cisco FMC , Cisco Firepower , Cisco FTD , Cisco FXOS , Cisco Meraki , Cisco NGIPS , Cisco Secure Firewall , Cisco Umbrella