思科產品多個漏洞
發佈日期:
2023年11月03日
355
觀看次數
風險: 中度風險
類型: 保安軟件及應用設備 - 保安軟件及應用設備
於思科產品發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況、彷冒、遠端執行任意程式碼、洩露敏感資料、跨網站指令碼及繞過保安限制。
影響
- 阻斷服務
- 遠端執行程式碼
- 繞過保安限制
- 資料洩露
- 仿冒
- 跨網站指令碼
受影響之系統或技術
- 1000 Series Integrated Services Routers (ISRs)
- 4000 Series Integrated Services Routers (ISRs)
- Catalyst 8000V Edge Software
- Catalyst 8200 Series Edge Platforms
- Catalyst 8300 Series Edge Platforms
- Catalyst 8500L Series Edge Platform
- Cisco ASA Software
- Cisco FMC Software
- Cisco Firepower 2100 Series Firewalls
- Cisco Firepower Services - All platforms
- Cisco Firepower Threat Defense (FTD) Software - All platforms
- Cloud Services Routers 1000V Series
- Cyber Vision
- Integrated Services Virtual Router (ISRv)
- Meraki MX100 Appliances
- Meraki MX105 Appliances
- Meraki MX250 Appliances
- Meraki MX400 Appliances
- Meraki MX450 Appliances
- Meraki MX600 Appliances
- Meraki MX64 and MX64W Appliances
- Meraki MX65 and MX65W Appliances
- Meraki MX67, MX67C and MX67W Appliances
- Meraki MX68, MX68W and MX68WC Appliances
- Meraki MX75 Appliances
- Meraki MX84 Appliances
- Meraki MX85 Appliances
- Meraki MX95 Appliances
- Open Source Snort 2
- Open Source Snort 3
- Umbrella Secure Internet Gateway (SIG)
解決方案
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3acp-bypass-3bdR2BEh
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-intrusion-dos-DfT7wyGC
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-uAnUntcV
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort3-urldos-OccFQTeX
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-8U4HHxH8
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-smbsnort3-dos-pfOjOYUV
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmpv6-dos-4eMkLuN
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-logview-dos-AYJdeX55
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-sK2gkfvJ
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-file-download-7js4ug2J
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-multi-cert-dzA3h5PT
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-icmpv6-t5TzqwNd
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-29MP49hN
漏洞識別碼
- CVE-2023-20005
- CVE-2023-20031
- CVE-2023-20041
- CVE-2023-20042
- CVE-2023-20048
- CVE-2023-20063
- CVE-2023-20070
- CVE-2023-20071
- CVE-2023-20074
- CVE-2023-20083
- CVE-2023-20086
- CVE-2023-20095
- CVE-2023-20114
- CVE-2023-20155
- CVE-2023-20177
- CVE-2023-20206
- CVE-2023-20244
- CVE-2023-20245
- CVE-2023-20246
- CVE-2023-20247
- CVE-2023-20256
- CVE-2023-20264
- CVE-2023-20267
- CVE-2023-20270
資料來源
相關連結
- https://www.auscert.org.au/bulletins/ESB-2023.6386
- https://www.auscert.org.au/bulletins/ESB-2023.6385
- https://www.auscert.org.au/bulletins/ESB-2023.6381
- https://www.auscert.org.au/bulletins/ESB-2023.6380
- https://www.auscert.org.au/bulletins/ESB-2023.6379
- https://www.auscert.org.au/bulletins/ESB-2023.6378
- https://www.auscert.org.au/bulletins/ESB-2023.6377
- https://www.auscert.org.au/bulletins/ESB-2023.6376
- https://www.auscert.org.au/bulletins/ESB-2023.6375
- https://www.auscert.org.au/bulletins/ESB-2023.6374
- https://www.auscert.org.au/bulletins/ESB-2023.6373
- https://www.auscert.org.au/bulletins/ESB-2023.6372
- https://www.auscert.org.au/bulletins/ESB-2023.6370
- https://www.auscert.org.au/bulletins/ESB-2023.6369
- https://www.auscert.org.au/bulletins/ESB-2023.6368
- https://www.auscert.org.au/bulletins/ESB-2023.6367
- https://www.auscert.org.au/bulletins/ESB-2023.6366
- https://www.auscert.org.au/bulletins/ESB-2023.6365
- https://www.auscert.org.au/bulletins/ESB-2023.6364
- https://www.auscert.org.au/bulletins/ESB-2023.6363
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3acp-bypass-3bdR2BEh
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-intrusion-dos-DfT7wyGC
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-uAnUntcV
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort3-urldos-OccFQTeX
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-8U4HHxH8
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-smbsnort3-dos-pfOjOYUV
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmpv6-dos-4eMkLuN
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-logview-dos-AYJdeX55
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-sK2gkfvJ
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-file-download-7js4ug2J
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-multi-cert-dzA3h5PT
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-icmpv6-t5TzqwNd
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-29MP49hN
分享至