تحديثات Cisco
1866تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
4 مارس, 2021
● متوسط
2021-2567
الكل
الوصف:
أصدرت Cisco عدة تحديثات لمعالجة عدد من الثغرات في المنتجات التالية:
- 1000 Series Integrated Services Routers (ISRs)
- 4000 Series Integrated Services Routers (ISRs)
- Catalyst 8000V Edge Software
- Catalyst 8200 Series Edge Platforms
- Catalyst 8300 Series Edge Platforms
- Cloud Services Router 1000V Series
- Integrated Services Virtual Router (ISRv)
- Cisco Webex Meetings
- Releases earlier than Release 41.2.0
- Cisco SD-WAN vManage
- 18.4.6
- 19.2.4
- 20.1.2
- 20.3.2
- 20.4.1
- Cisco products that were running Cisco ASR 5000 Series Software (StarOS)
- Releases earlier than Release 21.22
- Cisco NSO
- Releases 5.3 and 5.4
- IP Conference Phone 7832
- IP Conference Phone 7832 with Multiplatform Firmware
- IP Conference Phone 8832
- IP Conference Phone 8832 with Multiplatform Firmware
- IP Phone 6821, 6841, 6851, 6861, 6871 with Multiplatform Firmware
- IP Phone 7811, 7821, 7841, 7861 Desktop Phones
- IP Phone 7811, 7821, 7841, 7861 Desktop Phones with Multiplatform Firmware
- IP Phone 8811, 8841, 8851, 8861, 8845, 8865 Desktop Phones
- IP Phone 8811, 8841, 8851, 8861, 8845, 8865 Desktop Phones with Multiplatform Firmware
- Unified IP Conference Phone 8831
- Unified IP Conference Phone 8831 for Third-Party Call Control
- Wireless IP Phone 8821, 8821-EX
- Cisco SPA525G 5-Line IP Phone
- Cisco AsyncOS
- ESA – 3.5.1 and earlier
- SMA – earlier than 13.8.0
التهديدات:
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- تجاوز الصلاحيات (Authorization Bypass)
- إنشاء وحذف والتعديل على الملفات بصلاحية المستخدم الجذر ( root privileges) عن بعد
- هجمة حجب الخدمة (DoS)
الإجراءات الوقائية:
يوصي المركز بتحديث النسخ المتأثرة والاطلاع على تفاصيل النسخ المتأثرة، حيث أصدرت Cisco توضيحًا لهذه التحديثات:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-info-disclo-VOu2GHbZ
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-rce-dos-U2PsSkz3
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-path-trvsl-dZRQE8Lc
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-sqlinj-HDJUeEAX
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-vman-kth3c82B
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-sigverbypass-gPYXd6Mk
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vdaemon-bo-RuzzEA2
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanvman-infodis1-YuQScHB
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ipsecmgr-dos-3gkHXwvS
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-authorization-b-GUEpSLK
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-dir-trav-Bpwc5gtm
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-distupd-N87eB6Z3
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ethernet-dos-HGXgJH8n