SK-CERT Bezpečnostné varovanie V20200123-01

Dôležitosť	Kritická
Klasifikácia	Neutajované/TLP WHITE
CVSS Skóre	9.8

Identifikátor

Cisco produkty viacero zraniteľností

Popis

Spoločnosť Cisco vydala aktualizácie na väčšie množstvo svojich produktov, ktoré opravujú viacero bezpečnostných zraniteľností. Najzávažnejšia bezpečnostná zraniteľnosť v Cisco Firepower Management Center je spôsobená nedostatočnou implementáciou bezpečnostných mechanizmov pri autentifikácii prostredníctvom externého LDAP (Lightweight Directory Access Protocol) servera. Zraniteľnosť umožňuje vzdialenému, neautentifikovanému útočníkovi prostredníctvom zasielania špeciálne upravených HTTP požiadaviek získať úplnú kontrolu nad systémom.

Dátum prvého zverejnenia varovania

22.01.2020

CVE

CVE-2019-12619, CVE-2019-12628, CVE-2019-12629, CVE-2019-15963, CVE-2019-15989, CVE-2019-16000, CVE-2019-16018, CVE-2019-16019, CVE-2019-16020, CVE-2019-16021, CVE-2019-16022, CVE-2019-16023, CVE-2019-16027, CVE-2019-16028, CVE-2019-16029, CVE-2019-1909, CVE-2019-1950, CVE-2020-3115, CVE-2020-3117, CVE-2020-3121, CVE-2020-3124, CVE-2020-3129, CVE-2020-3130, CVE-2020-3131, CVE-2020-3133, CVE-2020-3135, CVE-2020-3136, CVE-2020-3137, CVE-2020-3139, CVE-2020-3143

CVE

–

Zasiahnuté systémy

Cisco Firepower Management Center Cisco HCM-F verzie staršie ako 12.5(1) Cisco Unified Communications Manager verzie 10.5(2)(SU9), 11.5(1)(SU6), 12.0(1)(SU3), 12.5(1)(SU1) a staršie Cisco 250 Series Smart Switches firmvér verzie staršie ako 2.5.0.90 Cisco 350 Series Managed Switches firmvér verzie staršie ako 2.5.0.90 Cisco 550X Series Stackable Managed Switches firmvér verzie staršie ako 2.5.0.90 Cisco Smart Software Manager On-Prem / Cisco Smart Software Manager Satellite verzie staršie ako 7-201910. Cisco SD-WAN Solution vManage 19.1.0. Cisco IOS XE SD-WAN Software verzie 16.11 a staršie Cisco Umbrella Roaming Client for Windows 2.2.238 Cisco WSA verzie staršie ako 11.8.0-382 Cisco SMA verzie staršie ako 13.0.0.-187 Cisco Unity Connection Software verzie staršie ako 11.5SU7 a 12.5SU2 Cisco ESA 13.0 a staršie Cisco APIC verzie staršie ako 4.2(3j). Cisco Jabber Guest 11.1(2) a staršie Cisco UCM verzie staršie ako 11.5(1) Cisco TelePresence Integrator C Series Cisco TelePresence MX Series Cisco TelePresence SX Series Cisco TelePresence System EX Series Cisco Webex Board Cisco Webex DX Series Cisco Webex Room Series Cisco Webex Teams client for Windows verzie staršie ako 3.0.14234 Cisco IOS XR

Následky

Vykonanie škodlivého kódu a úplné narušenie dôvernosti, integrity a dostupnosti systému Eskalácia privilégií Neoprávnený prístup k citlivým údajom Zneprístupnenie služby

Odporúčania

Administrátorom odporúčame vykonať aktualizáciu zasiahnutých systémov. Po odstránení zraniteľností, ktoré mohli spôsobiť vzdialené vykonanie kódu, je dobrou praxou kontrola systému a zmena všetkých hesiel a kľúčov na dotknutom systéme a aj na iných systémoch, kde sa používalo rovnaké heslo či kľúč.

Zdroje

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-cred-EVGSF259 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telepresence-path-tr-wdrnYEZZ https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sdwan-priv-esc https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-on-prem-dos https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routes https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-uc-xss https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sdwan-sqlinj https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sdwan-sql-inject https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sdwan-cmd-inject https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sbsms-xss https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-cuc-info-disclosure https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-hcm-f-csrf https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sbsms-xss https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dos https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dos https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cards-dos-FWzNcXPq https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucm-csrf-NbhZTxL https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-guest-xss-6urXhkqv https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iptable-bypass-GxW88XjL https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-bypass-5Cdv2HMA https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-email-sec-xss-EbjXuXwP https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuc-dirtrv-M9HpnME4 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-wsa-sma-header-inject https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-umbrella-msi-install

« Späť na zoznam