الموقع الرسمي للمركز الوطني الإرشادي للأمن السيبراني
تحديثات Cisco
2139
تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
3 سبتمبر, 2020
● عالي
2020-1720
الكل
الوصف:
أصدرت Cisco عدة تحديثات لمعالجة عدد من الثغرات في المنتجات التالية:
- Cisco Firepower 4100 Series
- Cisco Firepower 9300 Security Appliances
- Cisco Jabber for Windows
- Cisco Enterprise NFVIS
- 3.5.1 - 4.1.2
- Cisco Small Business Routers
- Cisco AsyncOS software
- ESA software releases 13.5.1-277 and earlier
- SMA software releases 13.6.1-193 and earlier
- WSA software releases 11.7.2-011 and earlier
- Webex Meetings Client for Windows
- releases 39.5.25 and 40.6.6
- Webex Meetings Desktop App for Windows
- releases 39.5.25 and 40.6.6
- Webex Teams for Windows
- releases earlier than Release 3.0.15711.0
- Cisco Webex Training
- releases earlier than Release 40.7.6
- ASR 9000 Series Aggregation Services Routers (32-bit and 64-bit models)IOS XR, SW only
- Network Convergence System 1000 Series
- Network Convergence System 5000 Series
- Network Convergence System 5500 Series
التهديدات:
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- هجمة حجب الخدمة (DoS attack)
- رفع الصلاحيات لزيادة قدرته على التعديل في النظام
- تنفيذ برمجيات خبيثة
- الكشف والإفصاح عن معلومات حساسة
- تجاوز سعة مخزن الذاكرة المؤقت
- هجمة تجاوز المسار (Path traversal)
الإجراءات الوقائية:
يوصي المركز بتحديث النسخ المتأثرة حيث أصدرت Cisco توضيحًا لهذه التحديثات:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-info-disclosure-vMJMMgJ
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-tls-dos-xW53TBhb
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-buffer-cSdmfWUt
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-G3NSjPn7
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-ttcgB9R3
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nfvis-path-emy79OC2
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-osinj-rce-pwTkPCJv
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-wsa-esa-info-dis-vsvPzOHP
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-media-znjfwHD6
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-meetings-UtbwOR4Q
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqv
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-vY8M4KGB
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nfvis-file-overwrite-UONzPMkr
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-UyTKCPGg
قيم المحتوى
شارك الصفحة
