1. 主頁
  2. 保安警報
  3. 保安警報 (A21-07-02)

保安警報 (A21-07-02): Cisco 產品多個漏洞


 

發布日期: 2021年 7月 8日

  
  

描述:

Cisco 發布了安全公告以應對發現於 Cisco 裝置及軟件中的多個漏洞。有關漏洞及攻擊向量的資料,請參閱供應商網站的相應安全公告。

 

受影響的系統:

  • Cisco Adaptive Security Device Manager
  • Cisco BroadWorks Application Server
  • Cisco Business Process Automation
  • Cisco Identity Services Engine
  • Cisco IP Phone 8800 Series, 8811, 8841, 8845, 8851, 8861, 8865
  • Cisco Video Surveillance 7000 Series IP Cameras
  • Cisco Virtualized Voice Browser
  • Cisco Web Security Appliance
  • Cisco Wireless IP Phone 8821

有關受影響產品的詳細資料,請參閱供應商網站的相應安全公告中有關 “Affected Products” 的部分。

 

影響:

成功利用這些漏洞可以在受影響的系統導致執行任意程式碼、跨網址程式編程、服務受阻斷、泄漏資訊、權限提升或完全控制受影響的系統,視乎攻擊者利用哪些漏洞而定。

 

建議:

適用於受影響系統的軟件更新已可獲取。受影響系統的系統管理員應遵從產品供應商的建議,立即採取行動以降低風險。有關修補程式的詳細資料,請參閱供應商網站的相應安全公告中有關 “Fixed Software” 的部分。

系統管理員可聯絡其產品支援供應商,以取得修補程式及有關支援。

 

進一步資訊:

  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asdm-rce-gqjShXW
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bpa-priv-esc-dgubwbH4
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-brcm-mxc-jul2021-26LqUZUh
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-broad-as-inf-disc-ZUXGFFXQ
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcamera-lldp-mem-wGqundTq
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcamera-lldpcdp-mem-yTQDmjRO
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-stored-xss-TWwjVPdL
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-scr-web-priv-esc-k3HCGJZ
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vvb-xss-wG4zXRp3
  • https://www.hkcert.org/tc/security-bulletin/cisco-products-remote-code-execution-vulnerability_20210708
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1359
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1562
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1574 (to CVE-2021-1576)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1585
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1595 (to CVE-2021-1597)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1603 (to CVE-2021-1605)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33478


標籤 : Cisco , Cisco ASDM , Cisco BroadWorks Application Server , Cisco Business Process Automation , Cisco Identity Services Engine , Cisco IP Phone , Cisco IP Camera , Cisco Virtualized Voice Browser , Cisco Web Security Appliance
標籤