TR-21-0194 (Cisco Güvenlik Güncellemesi Yayınladı)

Genel Bilgi

Cisco, bazı ürünlerinde bulunan zafiyetler için güvenlik güncellemesi yayınladı.

Etki

Mevcut güvenlik açıklıkları nedeniyle saldırganların hedef aldıkları sistemlerde kod çalıştırarak kontrol altına almaları ve DoS saldırısı düzenlenmesi ihtimal dahilindedir. Zafiyetlerin CVE kodları şöyledir:

CVE-2021-1425, CVE-2021-1410, CVE-2021-1465, CVE-2021-1464, CVE-2021-1424, CVE-2021-1285, CVE-2021-1232, CVE-2021-1466, CVE-2021-1461, CVE-2021-1462, CVE-2021-1470, CVE-2021-1132 ve CVE-2021-1379

Çözüm

Ulusal Siber Olaylara Müdahale Merkezi (USOM), sistem yöneticilerine; Cisco firmasının yayınladığı güncellemeyi indirmelerini tavsiye etmektedir.

Kaynaklar

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-info-disclo-VOu2GHbZ?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Email%20Security%20Appliance%20and%20%20Content%20Security%20Management%20Appliance%20Information%20Disclosure%20Vulnerability&vs_k=1

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-info-disclo-VOu2GHbZ

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-distupd-N87eB6Z3?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Webex%20Meetings%20Unauthorized%20Distribution%20List%20Update%20Vulnerability&vs_k=1

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-distupd-N87eB6Z3

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-dir-trav-Bpwc5gtm?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20SD-WAN%20vManage%20Directory%20Traversal%20Vulnerability&vs_k=1

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-dir-trav-Bpwc5gtm

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-authorization-b-GUEpSLK?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20SD-WAN%20vManage%20Authorization%20Bypass%20Vulnerability&vs_k=1

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-authorization-b-GUEpSLK

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ipsecmgr-dos-3gkHXwvS?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20ASR%205000%20Series%20Software%20(StarOS)%20ipsecmgr%20Process%20Denial%20of%20Service%20Vulnerability&vs_k=1

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ipsecmgr-dos-3gkHXwvS

https://gixtools.net/2021/03/cisco-ip-phones-buffer-overflow-and-denial-of-service-vulnerabilities/

2021-03-04