تحديثات Cisco
2013تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
25 فبراير, 2021
● عالي
2021-2532
الكل
الوصف:
أصدرت Cisco عدة تحديثات لمعالجة عدد من الثغرات في المنتجات التالية:
- Cisco ACI Multi-Site Orchestrator (MSO)
- Cisco Application Services Engine Software
- Cisco NX-OS Software
- Nexus 3000 Series Switches
- Nexus 9000 Series Switches in standalone NX-OS mode
- MDS 9000 Series Multilayer Switches
- Nexus 3000 Series Switches
- Nexus 5500 Platform Switches
- Nexus 5600 Platform Switches
- Nexus 6000 Series Switches
- Nexus 7000 Series Switches
- Nexus 9000 Series Switches in standalone NX-OS mode
- Nexus 3000 Series Switches
- Nexus 5500 Platform Switches
- Nexus 5600 Platform Switches
- Nexus 6000 Series Switches
- Nexus 7000 Series Switches
- Nexus 9000 Series Switches in standalone NX-OS mode
- UCS 6400 Series Fabric Interconnects
- Cisco Nexus 9000 Series Fabric Switches in ACI mode
- Firepower 4100 Series
- Firepower 9300 Security Appliances
- MDS 9000 Series Multilayer Switches
- Nexus 3000 Series Switches
- Nexus 5500 Platform Switches
- Nexus 5600 Platform Switches
- Nexus 6000 Series Switches
- Nexus 7000 Series Switches
- Nexus 9000 Series Switches in standalone NX-OS mode
- UCS 6200 Series Fabric Interconnects
- UCS 6300 Series Fabric Interconnects
- UCS 6400 Series Fabric Interconnects
- Cisco Nexus 9500 R-Series Switching Platforms
- MDS 9000 Series Multilayer Switches
- Nexus 1000 Virtual Edge for VMware vSphere
- Nexus 1000V Switch for Microsoft Hyper-V
- Nexus 1000V Switch for VMware vSphere
- Nexus 3000 Series Switches
- Nexus 5500 Platform Switches
- Nexus 5600 Platform Switches
- Nexus 6000 Series Switches
- Nexus 7000 Series Switches
- Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
- Nexus 9000 Series Switches in standalone NX-OS mode
- Cisco AnyConnect Secure Mobility Client for Linux.
التهديدات:
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- تجاوز الصلاحيات (Authorization Bypass)
- إنشاء وحذف والتعديل على الملفات بصلاحية المستخدم الجذر ( root privileges) عن بعد
- هجمة تزوير الطلب عبر المواقع Cross-site request forgery (CSRF)
- هجمة حجب الخدمة (DoS)
الإجراءات الوقائية:
يوصي المركز بتحديث النسخ المتأثرة والاطلاع على تفاصيل النسخ المتأثرة، حيث أصدرت Cisco توضيحًا لهذه التحديثات:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mso-authbyp-bb5GmBQv
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-case-mvuln-dYrDPC6w
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3000-9000-fileaction-QtLzDRy2
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-nxapi-csrf-wRMzWL9z
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipv6-netstack-edXPGV7K
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-unauth-access-5PWzDx2w
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-pim-dos-Y8SjMz4
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-icmpv6-dos-YD55jVCq
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-lldap-dos-WerV9CFj
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dos-55AYyxYr