SK-CERT Bezpečnostné varovanie V20200819-01

Dôležitosť	Kritická
Klasifikácia	Neutajované/TLP WHITE
CVSS Skóre	9.8

Identifikátor

Cisco produkty – kritické zraniteľnosti

Popis

Spoločnosť Cisco vydala bezpečnostné aktualizácie na portfólio svojich produktov, ktoré opravujú viacero bezpečnostných zraniteľností. Najzávažnejšia bezpečnostná zraniteľnosť v Cisco vWAAS spočíva v existencii zabudovaného používateľského účtu s predvoleným heslom a umožňuje vzdialenému, neautentifikovanému útočníkovi získať kontrolu nad systémom.

Dátum prvého zverejnenia varovania

19.08.2020

CVE

CVE-2020-3151, CVE-2020-3152, CVE-2020-3389, CVE-2020-3439, CVE-2020-3440, CVE-2020-3443, CVE-2020-3446, CVE-2020-3466, CVE-2020-3484, CVE-2020-3485, CVE-2020-3490, CVE-2020-3491, CVE-2020-3496, CVE-2020-3505, CVE-2020-3506, CVE-2020-3507, CVE-2020-3518, CVE-2020-3519, CVE-2020-3520, CVE-2020-3521, CVE-2020-3522, CVE-2020-3523, CVE-2020-3538, CVE-2020-3539, CVE-2020-3540

IOC

–

Zasiahnuté systémy

Cisco ENCS 5400-W Series a CSP 5000-W Series verzie staršie ako Cisco vWAAS with NFVIS-bundled image 6.4.3e a 6.4.5a Cisco SSM On-Prem verzie staršie ako 8-202004 Cisco Video Surveillance 8000 Series IP Camera Firmware verzie staršie ako 1.0.9-4 Cisco Webex Meetings Desktop App for Windows verzie staršie ako 40.8 Cisco Vision Dynamic Signage Director verzie staršie ako 6.2 SP5 250 Series Smart Switches verzie 2.5.5.47 a staršie 350 Series Managed Switches verzie 2.5.5.47 a staršie 350X Series Stackable Managed Switches verzie 2.5.5.47 a staršie 550X Series Stackable Managed Switches verzie 2.5.5.47 a staršie Small Business 200 Series Smart Switches verzie 2.5.5.47 a staršie Small Business 300 Series Managed Switches verzie 2.5.5.47 a staršie Small Business 500 Series Stackable Managed Switches verzie 2.5.5.47 a staršie Cisco DNA Center Cisco DCNM Software verzie staršie ako 11.4(1) Cisco Vision Dynamic Signage Director verzie staršie ako 6.2 SP5 Cisco CMX verzie 10.6.0, 10.6.1, a 10.6.2. Cisco HyperFlex HX-Series verzie 4.0(2a) a staršie

Následky

Vykonanie škodlivého kódu a úplné narušenie dôvernosti, integrity a dostupnosti systému Eskalácia privilégií Neoprávnený prístup k citlivým údajom

Odporúčania

Administrátorom odporúčame bezodkladne vykonať aktualizáciu zasiahnutých systémov. Po odstránení zraniteľností, ktoré mohli spôsobiť vzdialené vykonanie kódu, je dobrou praxou kontrola systému a zmena všetkých hesiel a kľúčov na dotknutom systéme a aj na iných systémoch, kde sa používalo rovnaké heslo či kľúč.

Zdroje

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-waas-encsw-cspw-cred-hZzL29A7 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smart-priv-esca-nqwxXWBu https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcameras-rce-dos-uPyJYxN3 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-desktop-app-OVSfpVMj https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbss-ipv6-dos-tsgqbffW https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vdsd-W7mnkwj7 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-mlt-xss-zUzbcdEV https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-xss-stored-w4rJZJtO https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-xss-JnHSWG5C https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-xss-5TdMJRB3 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-patrav-pW9RkhyW https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-pa-trav-bMdfSTTq https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-infordisc-DOAXVvFV https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-file-path-6PKONjHe https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-bypass-auth-mVDR6ygT https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-authbypass-YVJzqgk2 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-auth-bypass-MYeFpFcF https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cvdsd-xss-teMmLyUr https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cvdsd-rbac-y9LM5jw4 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cvdsd-pathtrv-5tLJRrFn https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmx-rshell-esc-L6hBwjbg https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmx-prvesc-6g37hjAL https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdp-memleak-k5Z7m55t https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-HYP-WSV-yT3j5hSB

« Späť na zoznam