政府電腦保安事故協調中心 - 保安警報 (A22-11-11): Cisco 產品多個漏洞

描述:

Cisco 發布了安全公告，以應對 Cisco 裝置及軟件中的多個漏洞。有關漏洞及攻擊向量的資料，請參閱供應商網站的相應安全公告。

受影響的系統:

Cisco Adaptive Security Appliance Software
Cisco Cyber Vision
Cisco Firepower Management Center Software
Cisco Firepower Software for ASA Firepower Module
Cisco Firepower Threat Defense Software
Cisco FXOS Software
Cisco Meraki MX Security Appliances
Cisco NGIPS Software
Cisco Secure Firewall 3100 Series
Cisco Umbrella Secure Internet Gateway

有關受影響產品的詳細資料，請參閱供應商網站的相應安全公告中有關 “Affected Products” 的部分。

影響:

成功利用漏洞可以在受影響的系統導致插入任意指令碼、跨網址程式編程、服務被拒絕、泄漏資訊、權限提升或繞過保安限制，視乎攻擊者利用哪些漏洞而定。

建議:

現已有適用於受影響系統的軟件更新。受影響系統的系統管理員應遵從產品供應商的建議，立即採取行動以降低風險。有關修補程式的詳細資料，請參閱供應商網站的相應安全公告中有關 “Fixed Software”的部分。

系統管理員可聯絡其產品支援供應商，以取得修補程式及有關支援。

進一步資訊:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dap-dos-GhYZBxDU
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vp-authz-N2GckjN6
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-Z3B5MY35
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-info-disc-UghNRRhP
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-LATZYzxs
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xxe-MzPC4bYd
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmcsfr-snmp-access-6gqgtJ4S
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fxos-cmd-inj-Q9bLNsrK
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-privesc-7GqR2th
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-bb-rCgtmY2
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-dos-A4cHeArC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100-secure-boot-5M8mUh26
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-client-dos-cCrQPkA
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20831 (to CVE-2022-20836)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20838 (to CVE-2022-20840)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20843
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20854
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20872
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20905
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20918
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20922
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20924 (to CVE-2022-20928)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20932
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20934 (to CVE-2022-20936)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20940 (to CVE-2022-20941)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20943
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20946 (to CVE-2022-20947)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20949 (to CVE-2022-20950)

標籤 : Cisco , Cisco ASA , Cisco Cybervision , Cisco FMC , Cisco Firepower , Cisco FTD , Cisco FXOS , Cisco Meraki , Cisco NGIPS , Cisco Secure Firewall , Cisco Umbrella