تحديثات Cisco
3674تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
23 يناير, 2020
● عالي
2020-835
الكل
الوصف:
أصدرت Cisco عدّة تحديثات لمعالجة عددًا من الثغرات في المنتجات التالية:
- Cisco Unified Communications Manager (UCM)
- 10.5(2)(SU9), 11.5(1)(SU6), 12.0(1)(SU3), 12.5(1)(SU1) وما قبل
- نسخ ما قبل نسخة 11.5(1)
- Cisco Hosted Collaboration Mediation Fulfillment (HCM-F)
- ما قبل نسخة 12.5(1)
- Cisco IOS XR Software - Border Gateway Protocol (BGP) - Ethernet VPN (EVPN)
- bit - 64bit32
- ما قبل النسخ 6.6.3, 7.0.2, 7.1.1, 7.2.1
- Cisco Small Business Smart and Managed Switches firmware release earlier than 2.5.0.90
- 250 Series Smart Switches
- 350 Series Managed Switches
- 550X Series Stackable Managed Switches
- Cisco SD-WAN vManage
- ما قبل نسخة 18.3.0
- ما قبل نسخة 19.1.0
- ما قبل نسخة 17.2.0
- نسخة 18.4.1
- Cisco Unity Connection
- ما قبل نسخة 12.5SU2
- Cisco Umbrella Roaming Client - Windows
- نسخة 2.2.238
- Cisco AsyncOS for Cisco Web Security Appliance (WSA) - API Framework
- ما قبل نسخة 11.8.0-382
- Cisco Content Security Management Appliance (SMA) - API Framework
- ما قبل نسخة 13.0.0-187
- Cisco Unity Connection
- ما قبل نسخة 11.5SU7 وما قبل نسخة 12.5SU2
- Cisco Email Security Appliance
- نسخة ما قبل نسخة 13.0
- Cisco Application Policy Infrastructure Controller (APIC)
- ما قبل نسخة 4.2(3j)
- Cisco Jabber Guest
- نسخة 11.1(2) وما قبل
- Cisco Webex Teams client – Windows
- نسخة 3.0.13131
- Cisco Smart Software Manager On-Prem
- ما قبل نسخة 7-201910
- Cisco IOS XE SD-WAN
- نسخة 16.11 وما قبل
- Csco TelePresence Collaboration Endpoint (CE) Software:
- Cisco TelePresence Codec (TC) Software:
- Cisco RoomOS Software:
- Cisco TelePresence Integrator C Series
- Cisco TelePresence MX Series
- Cisco TelePresence SX Series
- Cisco TelePresence System EX Series
- Cisco Webex Board
- Cisco Webex DX Series
- Cisco Webex Room Series
- Cisco Firepower Management Center (FMC)
التهديدات:
يمكن للمهاجم عن بعد استغلال الثغرات وتنفيذ ما يلي:
- الدخول إلى واجهة UCM وقراءة أجزاء مقيّدة من ملفات تكوين النظام.
- هجمة البرمجة عبر المواقع ((Cross-site scripting (XSS) في:
- HCM-F
- Cisco Small Business Smart and Managed Switches
- Cisco Unity Connection
- Cisco Jabber Guest
- Cisco Email Security Appliance
- إرسال رسائل خبيثة إلى Cisco IOS XR Software بإيهام المستخدم بوجود تحديثات لـ BGPمما يتسبب بحجب الخدمة.
- حقن وتنفيذ برمجيات خبيثة بصلاحية vmanage في Cisco SD-WAN vManage.
- تعديل المدخلات في قاعدة البيانات، مما يؤثر على نزاهة البيانات في Cisco SD-WAN vManage.
- تجاوز السياسات وتثبيت تطبيقات غير مصرح بها في Cisco Umbrella Roaming Client.
- الكتابة فوق الملفات في Cisco Unity Connection.
- هجمة تزوير الطلب عبر المواقع ((Cross-site request forgery (CSRF) في UCM
- تجاوز قواعد وشروط تكوين جدول IP لإسقاط حركة مرور منفذ IP معين في APIC.
- ترقية ورفع الصلاحيات إلى مستخدم جذر (root) في Cisco SD-WAN vManage.
- هجمة حجب الخدمة (DoS attack).
- تنفيذ برمجيات خبيثة.
الإجراءات الوقائية:
يوصي المركز بتحديث المنتجات المتأثرة، حيث أصدرت Cisco توضيحًا لهذه التحديثات:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-cuc-info-disclosure
- https://tools.cisco.com/mwg-internal/de5fs23hu73ds/progress?id=Y6hfxx8x2lDYK5AFyTSkJK3ajf6xKfpbe5mNbCH29tk,
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos
- https://tools.cisco.com/mwg-internal/de5fs23hu73ds/progress?id=NsnY531X_aICIkf3BQwEC0j-d8SvaEGndLUOUIcfq8s,
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sdwan-cmd-inject
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sdwan-sql-inject
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sdwan-sqlinj
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-uc-xss
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-umbrella-msi-install
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-wsa-sma-header-inject
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuc-dirtrv-M9HpnME4
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-email-sec-xss-EbjXuXwP
- https://tools.cisco.com/mwg-internal/de5fs23hu73ds/progress?id=F4xa1sYoJ8p-TMf_Q0ZGi8wcaKoLAS06t7Ht746nJj8,
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-dos-87mBkc8n
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iptable-bypass-GxW88XjL
- https://tools.cisco.com/mwg-internal/de5fs23hu73ds/progress?id=v-ZxKOfESA9pDgZimDI1uS7KFarnuxdpjrip27WY2Xk,
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucm-csrf-NbhZTxL
- https://tools.cisco.com/mwg-internal/de5fs23hu73ds/progress?id=LhInW-qIHFKE84XD1M8oFeJgwvLBWmFpz3I4w4Ny_08,
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dos
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dos
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routes
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-on-prem-dos
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sdwan-priv-esc
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-cred-EVGSF259
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telepresence-path-tr-wdrnYEZZ
- https://tools.cisco.com/mwg-internal/de5fs23hu73ds/progress?id=ZU-AhTNA1RMubfnkXC8PJNlvUjlkGHGyG4hLxMoUZfI,