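Description:
Cisco has released a security advisory to address a remote code execution vulnerability (CVE-2024-6387) in Cisco devices and software. For information about the vulnerability and the attack vectors, refer to the corresponding security advisory on the vendor's website.
Reports indicate that proof-of-concept (PoC) code for the remote code execution vulnerability (CVE-2024-6387) has been made public. Cisco has released security updates to address the issue. System administrators should install the patches on affected systems immediately to reduce the risk of cyber attacks.
Affected Systems: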
- Cisco 6300 Series Embedded Services Access Points
- Cisco 8000 Series Routers
- Cisco Adaptive Security Appliance (ASA) Software
- Cisco Aironet 1540 Series
- Cisco Aironet 1560 Series
- Cisco Aironet 802.11ac Wave2 Access Points
- Cisco ASR 5000 Series Routers
- Cisco Board Series
- Cisco Catalyst 9100 Series Access Points
- Cisco Catalyst ESS9300 Embedded Series Switches
- Cisco Catalyst IE3x00 Rugged Series Switches
- Cisco Catalyst IE9300 Rugged Series Switches
- Cisco Catalyst IW6300 Heavy Duty Series Access Points
- Cisco Catalyst IW9165 Heavy Duty Series
- Cisco Catalyst IW9165 Rugged Series
- Cisco Catalyst IW9167 Heavy Duty Series
- Cisco Common Services Platform Collector (CSPC)
- Cisco Connected Mobile Experiences
- Cisco Crosswork Data Gateway
- Cisco Cyber Vision
- Cisco Desk Phone 9841
- Cisco Desk Phone 9851
- Cisco Desk Series
- Cisco DNA Spaces Connector
- Cisco Embedded Services 3300 Series Switches
- Cisco Emergency Responder
- Cisco Evolved Programmable Network Manager (EPNM)
- Cisco Expressway Series
- Cisco Firepower 4100/9300 FXOS Firepower Chassis Manager
- Cisco Firepower Management Center (FMC) Software
- Cisco Firepower Threat Defense (FTD) Software
- Cisco GGSN Gateway GPRS Support Node
- Cisco Identity Services Engine (ISE)
- Cisco IEC6400 Edge Compute Appliance
- Cisco Intersight Virtual Appliance
- Cisco IOS XE Software with NETCONF enabled
- Cisco IOS XRd Control Plane
- Cisco IOS XRd vRouter
- Cisco IP Services Gateway (IPSG)
- Cisco MDS 9000 Series Multilayer Switches
- Cisco Meeting Server
- Cisco MME Mobility Management Entity
- Cisco Network Convergence System 1010
- Cisco Network Convergence System 1014
- Cisco Network Convergence System 540 Series Routers running NCS540L images
- Cisco Network Convergence System 5700 Fixed Chassis NCS-57B1, NCS-57C1, and NCS-57D2
- Cisco Nexus 3000 Series Switches
- Cisco Nexus 9000 Series Fabric Switches in ACI Mode
- Cisco Nexus 9000 Series Switches in standalone NX-OS mode
- Cisco PDSN/HA Packet Data Serving Node and Home Agent
- Cisco PGW Packet Data Network Gateway
- Cisco Prime Collaboration Deployment
- Cisco Prime Infrastructure
- Cisco Room Series
- Cisco Secure Access Resource Connector
- Cisco Secure Email and Web Manager
- Cisco Secure Email Gateway
- Cisco Secure Network Analytics
- Cisco Smart PHY
- Cisco Smart Software Manager On-Prem
- Cisco System Architecture Evolution (SAE) Gateway
- Cisco TelePresence Video Communication Server (VCS)
- Cisco UCS C-Series Rack Servers and S-Series Storage Servers - Integrated Management Controller (CIMC)
- Cisco UCS Director
- Cisco Ultra Cloud Core - Session Management Function
- Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure
- Cisco Ultra Cloud Core 5G Policy Control Function
- Cisco Ultra Packet Core
- Cisco Unified Communications Manager
- Cisco Unified Communications Manager IM and Presence Service
- Cisco Unified Communications Manager Session Management Edition
- Cisco Unified Contact Center Express (Unified CCX)
- Cisco Unity Connection
- Cisco Video Phone 8875
- Cisco Virtualized Infrastructure Manager
- Cisco Webex Board
- Cisco Webex DX80
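For detailed information about the affected systems, refer to the "Affected Products" section of the corresponding security advisory on the vendor's website.
Impact:
Successful exploitation of the vulnerability could lead to remote code execution on an affected system.
Recommendation:
Patches for the affected systems are available. System administrators of affected systems should follow the vendor's recommendations and take immediate action to mitigate the risk. For details of the patches, refer to the "Fixed Software" section of the corresponding security advisory on the vendor's website.
System administrators may contact their vendors to obtain the patches and related support.
Further Information: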
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6387