Cisco 發布了安全公告以應對發現於 Cisco 產品中運行 Cisco FXOS Software、Cisco Adaptive Security Appliance (ASA) Software、Firepower Threat Defense (FTD) Software 或 Cisco Firepower Management Center (FMC) Software 的多個漏洞。有關漏洞及攻擊向量的資料,請參閱供應商網站的相應安全公告。
有關受影響系統的詳細資料,請參閱供應商網站的相應安全公告中有關“Affected Products”的部分。
成功利用這些漏洞可以在受影響的系統導致程式碼插入、指令碼插入、任意操作檔案、跨網址請求偽造(CSRF)攻擊、跨網址指令碼攻擊、服務受阻斷、泄漏資訊、繞過保安限制及篡改。
適用於受影響系統的軟件更新已可獲取。受影響系統的系統管理員應遵從產品供應商的建議,立即採取行動以降低風險。有關修補程式的詳細資料,請參閱供應商網站的相應安全公告中有關 “Fixed Software” 的部分。
系統管理員可聯絡其產品支援供應商,以取得修補程式及有關支援。
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-rxss-L54Htxp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-P73ABNWQ
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-tls-bb-2g9uWkP
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cacauthbyp-NCLGZm3Q
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-3WymYWKh
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-redirect-NYDuSEQn
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-6VqH4rpZ
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-bypass-3eCfd24j
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-container-esc-FmYqFBQV
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-hidcmd-pFDeWVBd
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-inline-dos-nXqUyEqM
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snmp-dos-R8ENPbOs
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-mf3822Z
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-GDcZDqAf
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dirtrav-NW8XcuSB
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dos-NjYvDcLA
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-sft-mitm-tc8AzFs2
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-b63rwKPm
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-pqZvmXCr
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbp-XTuPkYTn
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbyp-KqP6NgrE
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxosfcm-csrf-uhO4e5BZ
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcp-intercept-bypass-xG9M3PbY
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3299
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3304
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3317
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3352
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3373
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3410
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3436
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3455 (to CVE-2020-3459)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3499
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3514
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3515
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3528
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3529
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3533
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3549
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3550
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3553 (to CVE-2020-3555)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3557
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3558
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3561 (to CVE-2020-3565)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3571
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3572
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3577
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3578
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3580 (to CVE-2020-3583)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3585
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3599