描述:
Cisco 发布了安全公告,以应对 Cisco 装置及软件中的多个漏洞。有关漏洞及攻击向量的资料,请参阅供应商网站的相应安全公告。
受影响的系统:
- Cisco Access Point Software
- Cisco Adaptive Security Appliance Software
- Cisco DNA Center
- Cisco Firepower Threat Defense Software
- Cisco IOS Software
- Cisco IOS XE Software
- Cisco SD-WAN vManage Software
有关受影响产品的详细资料,请参阅供应商网站的相应安全公告中有关 “Affected Products” 的部分。
影响:
成功利用漏洞可以在受影响的系统导致插入任意指令码、服务被拒绝、泄漏资讯、权限提升、绕过保安限制或仿冒诈骗,视乎攻击者利用哪些漏洞而定。
建议:
现已有适用于受影响系统的软件更新。受影响系统的系统管理员应遵从产品供应商的建议,立即採取行动以降低风险。有关修补程式的详细资料,请参阅供应商网站的相应安全公告中有关 “Fixed Software”的部分。
系统管理员可联络其产品支援供应商,以取得修补程式及有关支援。
进一步资讯:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-cli-dos-tc2EKEpu
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa5500x-entropy-6v9bHVYP
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdios-dhcpv6-cli-Zf3zTv
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9300-spi-ace-yejYgnNQ
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-apjoin-dos-nXRHkt5
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-infodisc-pe7zAbdR
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-privesc-QFXe74RS
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-dos-wFujBHKw
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-dhcpv6-dos-44cMvdDK
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-gre-crash-p6nE5Sq5
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-priv-esc-sABD8hcU
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPk
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipv4-vfr-dos-CXxtFacb
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-csrf-76RDbLEh
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9V
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20027
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20029
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20035
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20055 (to CVE-2023-20056)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20059
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20065 (to CVE-2023-20067)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20072
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20080 (to CVE-2023-20082)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20097
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20100
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20107
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20112 (to CVE-2023-20113)