1. 主页
  2. 保安警报
  3. 保安警报 (A18-10-03)

保安警报 (A18-10-03): Cisco 产品多个漏洞


 

发布日期: 2018年 10月 4日

  
  

描述:

Cisco发布了安全公告以应对发现于Cisco ASA (Adaptive Security Appliance)软件及FTD (Firepower Threat Defense)软件中的多个漏洞。攻击者可以向受影响系统发出特制的指令、封包、传送流(traffic stream)或档案从而攻击这些漏洞。

 

受影响的系统:

运行受影响ASA软件或FTB软件的Cisco产品,包括:

  • 3000 Series Industrial Security Appliances (ISAs)
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA 5506-X with FirePOWER Services
  • ASA 5506H-X with FirePOWER Services
  • ASA 5506W-X with FirePOWER Services
  • ASA 5508-X with FirePOWER Services
  • ASA 5516-X with FirePOWER Services
  • Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls
  • Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services
  • Adaptive Security Appliance (ASA) Software Releases 9.6.4, 9.8.2, and 9.9.1
  • Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances
  • Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances
  • FirePOWER 7000 Series Appliances
  • FirePOWER 8000 Series Appliances
  • FirePOWER Threat Defense for Integrated Services Routers (ISRs)
  • Firepower 2100 Series Security Appliances
  • Firepower 4100 Series Security Appliances
  • Firepower 9300 ASA Security Module
  • Firepower 9300 Series Security Appliances
  • Firepower Management Center
  • Firepower Threat Defense
  • Firepower Threat Defense (FTD) Software Release 6.2.2
  • Firepower Threat Defense Virtual (FTDv)
  • Industrial Ethernet 3000 Series Switches
  • Next-Generation Intrusion Prevention System (NGIPS)
  • Virtual Next-Generation Intrusion Prevention System (NGIPSv)

以上仅为一些受影响系统的例子而并不包括所有受影响的产。有关受影响系统:的详细资料,请参阅供应商网站的相应安全公告中有关“Affected Products”的部分。

用户可联络其产品支援供应商,以取得修补程式及有关支援。

 

影响:

成功利用这些漏洞可以导致在受影响系统绕过保安措施、权限提升、服务受阻断或重启受影响的系统。

 

建议:

适用于受影响系统的软件更新已可获取。受影响系统的用户应遵从产品供应商的建议,立即采取行动以降低风险。有关修补程式的详细资料,请参阅供应商网站的相应安全公告中有关 “Fixed Software” 的部分。

用户可联络其产品支援供应商,以取得修补程式及有关支援。

 

进一步信息:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-acl-bypass
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-dma-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-ipsec-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-syslog-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-cmd-injection
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-smb-snort
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos
https://www.hkcert.org/my_url/zh/alert/18100401
https://www.us-cert.gov/ncas/current-activity/2018/10/03/Cisco-Releases-Security-Updates
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0453
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0455
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15383
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15390
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15397
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15398
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15399

 



标签 : Cisco , Cisco ISA , Cisco ASA , Cisco AMP , Cisco Firepower , Cisco NGIPS , Cisco NGIPSv
标签