1. 主页
  2. 保安警报
  3. 保安警报 (A23-11-02)

保安警报 (A23-11-02): Cisco 产品多个漏洞


 

发布日期: 2023年 11月 2日

  
  

描述:

Cisco 发布了安全公告,以应对 Cisco 装置及软件中的多个漏洞。有关漏洞及攻击向量的资料,请参阅供应商网站的相应安全公告。

 

受影响的系统:

  • Cisco Adaptive Security Appliance Software
  • Cisco Firepower Management Center Software
  • Cisco Firepower Threat Defense Software
  • Cisco Identity Services Engine
  • Cisco Meeting Server

有关受影响产品的详细资料,请参阅供应商网站的相应安全公告中有关 “Affected Products” 的部分。

 

影响:

成功利用漏洞可以在受影响的系统导致插入任意指令码、服务被拒绝、泄漏资讯、绕过保安限制、仿冒诈骗或篡改,视乎攻击者利用哪些漏洞而定。

 

建议:

适用于受影响系统的软件更新已可获取。受影响系统的系统管理员应遵从产品供应商的建议,立即採取行动以降低风险。有关修补程式的详细资料,请参阅供应商网站的相应安全公告中有关 “Fixed Software”的部分。

系统管理员可联络其产品支援供应商,以取得修补程式及有关支援。

 

进一步资讯:

  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-icmpv6-t5TzqwNd
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-multi-cert-dzA3h5PT
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cms-segfault-G6ES4Ve8
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-29MP49hN
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmdinj-bTEgufOX
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-file-download-7js4ug2J
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-logview-dos-AYJdeX55
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-sK2gkfvJ
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmpv6-dos-4eMkLuN
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-intrusion-dos-DfT7wyGC
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-smbsnort3-dos-pfOjOYUV
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-8U4HHxH8
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-uAnUntcV
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3acp-bypass-3bdR2BEh
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-FceLP4xs
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-injection-QeXegrCw
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort3-urldos-OccFQTeX
  • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20005
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20031
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20041 (to CVE-2023-20042)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20048
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20063
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20070 (to CVE-2023-20071)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20074
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20083
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20086
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20095
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20114
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20155
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20170
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20175
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20177
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20195 (to CVE-2023-20196)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20206
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20213
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20219 (to CVE-2023-20220)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20244 (to CVE-2023-20247)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20255 (to CVE-2023-20256)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20264
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20267
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20270


标签 : Cisco , Cisco ASA , Cisco FMC , Cisco FTD , Cisco Identity Services Engine , Cisco Meeting Server
标签