漏洞分享 - Cisco產品存在多個漏洞
Cisco產品存在多個漏洞
一、摘要
思科產品存在多個漏洞,允許遠端攻擊者利用這些漏洞,於目標系統觸發阻斷服務狀況、彷冒、遠端執行任意程式碼、洩露敏感資料、跨網站指令碼及繞過保安限制。
二、存在風險
思科產品存在多個漏洞,允許遠端攻擊者利用這些漏洞,於目標系統觸發阻斷服務狀況、彷冒、遠端執行任意程式碼、洩露敏感資料、跨網站指令碼及繞過保安限制,其影響系統或版本如下:
- 1000 Series Integrated Services Routers (ISRs)
- 4000 Series Integrated Services Routers (ISRs)
- Catalyst 8000V Edge Software
- Catalyst 8200 Series Edge Platforms
- Catalyst 8300 Series Edge Platforms
- Catalyst 8500L Series Edge Platform
- Cisco ASA Software
- Cisco FMC Software
- Cisco Firepower 2100 Series Firewalls
- Cisco Firepower Services - All platforms
- Cisco Firepower Threat Defense (FTD) Software - All platforms
- Cloud Services Routers 1000V Series
- Cyber Vision
- Integrated Services Virtual Router (ISRv)
- Meraki MX100 Appliances
- Meraki MX105 Appliances
- Meraki MX250 Appliances
- Meraki MX400 Appliances
- Meraki MX450 Appliances
- Meraki MX600 Appliances
- Meraki MX64 and MX64W Appliances
- Meraki MX65 and MX65W Appliances
- Meraki MX67, MX67C and MX67W Appliances
- Meraki MX68, MX68W and MX68WC Appliances
- Meraki MX75 Appliances
- Meraki MX84 Appliances
- Meraki MX85 Appliances
- Meraki MX95 Appliances
- Open Source Snort 2
- Open Source Snort 3
- Umbrella Secure Internet Gateway (SIG)
建議改善措施:
- 請維護廠商協助更新設備。
- 如官方尚未釋出更新檔案,建議避免對外開放相關服務,特殊需求可採用白名單方式存取。
情資報告連結:https://www.hkcert.org/tc/security-bulletin/cisco-products-multiple-vulnerabilities_20231103