1. 主頁
  2. 保安警報
  3. 保安警報 (A24-04-06)

保安警報 (A24-04-06): Cisco 產品多個漏洞


 

發布日期: 2024年 4月 5日

  
  

描述:

Cisco 發布了安全公告,以應對 Cisco 產品的多個漏洞。有關漏洞及攻擊向量的資料,請參閱供應商網站的相應安全公告。

 

受影響的系統:

  • Cisco Emergency Responder
  • Cisco Enterprise Chat and Email
  • Cisco Identity Services Engine
  • Cisco Nexus Dashboard
  • Cisco Nexus Dashboard Fabric Controller
  • Cisco Nexus Dashboard Orchestrator
  • Cisco Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 Routers
  • Cisco TelePresence Management Suite
  • Cisco Unified Communications Manager IM & Presence Service

有關受影響系統的詳細資料,請參閱供應商網站的相應安全公告中有關 “Affected Products” 的部分。

 

影響:

成功利用漏洞可以在受影響的系統導致泄漏資訊、權限提升、繞過保安限制或仿冒詐騙。

 

建議:

適用於受影響系統的修補程式已可獲取。受影響系統的系統管理員應遵從供應商的建議,立即採取行動以降低風險。有關修補程式的詳細資料,請參閱供應商網站的相應安全公告中有關 “Fixed Software”的部分。

系統管理員應聯絡其供應商,以取得修補程式及有關支援。

 

進一步資訊:

  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cem-csrf-suCmNjFr
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-imps-xss-quWkd9yF
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-xss-CSQxgxfM
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-csrf-NfAKXrp5
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-ssrf-FtSTh5Oz
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-dir-trav-SSn3AYDw
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfccsrf-TEmZEfJ9
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndidv-LmXdvAf2
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndo-upav-YRqsCcSP
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndru-pesc-kZ2PQLZH
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbiz-rv-xss-OQeRTup
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tms-xss-kGw4DX9Y
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20281 (to CVE-2024-20283)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20302
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20310
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20332
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20334
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20347 (to CVE-2024-20348)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20352
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20362
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20367 (to CVE-2024-20368)


標籤 : Cisco , Cisco Emergency Responder , Cisco Enterprise Chat and Email , Cisco Identity Services Engine , Cisco Nexus Dashboard , Cisco Router , Cisco TelePresence Management Suite , Cisco Unified Communications
標籤