政府電腦保安事故協調中心 - 保安警報 (A21-03-09): Cisco 產品多個漏洞

描述:

Cisco 發布了安全公告以應對發現於 Cisco 裝置及軟件中的多個漏洞。有關漏洞及攻擊向量的資料，請參閱供應商網站的相應安全公告。

受影響的系統:

Cisco IOS XE SD-WAN 軟件
Cisco Jabber
Cisco 運行 IOS 的產品
Cisco 運行IOS XE 的產品
Cisco 運行IOx 的產品
Cisco 運行Cisco Access Point 軟件的產品
Cisco 運行Cisco Aironet Series Access Point 軟件的產品

有關受影響產品的詳細資料，請參閱供應商網站的相應安全公告中有關“Affected Products”的部分。

影響:

成功利用這些漏洞可以在受影響的系統導致插入任意指令碼、執行任意程式碼、服務受阻斷、泄漏資訊、繞過保安限制、系統重啓、篡改、權限提升或完全控制受影響的系統，視乎攻擊者利用哪些漏洞而定。

建議:

適用於受影響系統的軟件更新已可獲取。受影響系統的系統管理員應遵從產品供應商的建議，立即採取行動以降低風險。有關修補程式的詳細資料，請參閱供應商網站的相應安全公告中有關 “Fixed Software” 的部分。

系統管理員可聯絡其產品支援供應商，以取得修補程式及有關支援。

進一步資訊:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-info-disc-BfWqghj
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironet-mdns-dos-E6KwYuMx
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-alg-dos-hbBS7SZE
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-foverwrt-HyVXvrtb
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-privesc-wEVfp8Ud
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arp-mtfhBfjE
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-jabber-PWrTATTC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-capwap-dos-2OA3JgKS
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-xss-cAfMtCzv
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fast-Zqr6DD5
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-cat-verify-BQ5hrXgH
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-evss-code-exe-8cw5VSvw
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-iot-codexec-k46EFF6q
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-os-cmd-inj-Ef6TV5e9
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-pnp-priv-esc-AmG3kuVL
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-arbfile-FUxskKDE
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-buffover-CqdRWLc
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cswsh-FKk9AzT5
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-decnet-dos-cuPWDkyL
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwdos-4zeEeC9w
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwpathtrav-nsrue2Mt
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webcmdinjsh-UFJxTgZD
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-cmdinj-RkSURGHG
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-pt-hWGcPf7g
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncs520-tcp-ZpzzOxB
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-clipriv-9TO2QGVp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-esc-rSNVvTf9
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-ACE-75K3bRWe
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-BLKH-Ouvrnf2s
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-FSM-Yj8qJbJc
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-OFP-6Nezgn7b
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-SAP-OPLbze68
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xe-webui-dos-z9yqYQAn
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwcinj-t68PPW7m
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwpinj-V4weeqzU
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1220
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1281
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1352
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1356
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1371
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1373 (to CVE-2021-1377)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1381 (to CVE-2021-1385)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1390 (to CVE-2021-1392)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1394
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1398
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1411
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1418
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1423
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1431 (to CVE-2021-1437)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1439
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1441 (to CVE-2021-1443)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1446
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1449
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1451 (to CVE-2021-1454)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1460
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1469
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1471

標籤 : Cisco , Cisco IOS , Cisco SD-WAN , Cisco Jabber , Cisco IOx , Cisco Access Point , Cisco Aironet AP