漏洞分享 - 思科產品存在遠端執行程式碼漏洞

                                                                                                                                                                        

思科產品存在遠端執行程式碼漏洞

一、摘要

        思科產存在一個漏洞，允許遠端使用者利用此漏洞，於目標系統觸發提升權限及遠端執行任意程式碼。

二、存在風險

        思科產存在一個漏洞，允許遠端使用者利用此漏洞，於目標系統觸發提升權限及遠端執行任意程式碼，其影響系統或版本如下：

• 受影響之系統/漏洞描述：
• Adaptive Security Appliance (ASA) Software
• Firepower 4100/9300 FXOS Firepower Chassis Manager
• Firepower Management Center (FMC) Software
• Firepower Threat Defense (FTD) Software
• Identity Services Engine (ISE)
• Secure Access Resource Connector
• Secure Email and Web Manager
• Secure Email Gateway
• Secure Network Analytics
• Common Services Platform Collector (CSPC)
• Crosswork Data Gateway
• Cyber Vision
• DNA Spaces Connector
• Evolved Programmable Network Manager (EPNM)
• Prime Collaboration Deployment
• Prime Infrastructure
• Smart PHY
• Smart Software Manager On-Prem
• Virtualized Infrastructure Manager
• 8000 Series Routers
• ASR 5000 Series Routers
• Catalyst ESS9300 Embedded Series Switches
• Catalyst IE3x00 Rugged Series Switches
• Catalyst IE9300 Rugged Series Switches
• Embedded Services 3300 Series Switches
• GGSN Gateway GPRS Support Node
• IOS XE Software with NETCONF enabled
• IOS XRd Control Plane
• IOS XRd vRouter
• IP Services Gateway (IPSG)
• MDS 9000 Series Multilayer Switches
• MME Mobility Management Entity
• Network Convergence System 540 Series Routers running NCS540L images
• Network Convergence System 1010
• Network Convergence System 1014
• Network Convergence System 5700 Fixed Chassis NCS-57B1, NCS-57C1, and NCS-57D2
• Nexus 3000 Series Switches
• Nexus 9000 Series Fabric Switches in ACI Mode
• Nexus 9000 Series Switches in standalone NX-OS mode
• PDSN/HA Packet Data Serving Node and Home Agent
• PGW Packet Data Network Gateway
• System Architecture Evolution (SAE) Gateway
• Ultra Cloud Core - Session Management Function
• Ultra Cloud Core - Subscriber Microservices Infrastructure
• Ultra Cloud Core 5G Policy Control Function
• Ultra Packet Core
• Intersight Virtual Appliance
• UCS C-Series Rack Servers and S-Series Storage Servers - Integrated Management Controller (CIMC)
• Desk Phone 9841
• Desk Phone 9851
• Emergency Responder
• Unified Communications Manager / Unified Communications Manager Session Management Edition
• Unified Communications Manager IM and Presence Service
• Unified Contact Center Express (Unified CCX)
• Unity Connection
• Video Phone 8875
• Board Series
• Cisco Meeting Server
• Desk Series
• Expressway Series
• Room Series
• TelePresence Video Communication Server (VCS)
• Webex Board
• Webex DX80
• 6300 Series Embedded Services Access Points
• Aironet 802.11ac Wave2 Access Points
• Aironet 1540 Series
• Aironet 1560 Series
• Catalyst 9100 Series Access Points
• Catalyst IW6300 Heavy Duty Series Access Points
• Catalyst IW9165 Heavy Duty Series
• Catalyst IW9165 Rugged Series
• Catalyst IW9167 Heavy Duty Series
• Connected Mobile Experiences
• IEC6400 Edge Compute Appliance

三、建議改善措施：

           企業及使用者如有上述漏洞版本應儘速更新或僅允許特定信任來源存取SSH服務。

       情資報告連結：https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024