TR-19-007 (Cisco Güvenlik Güncellemeleri Yayınladı)

Genel Bilgi

Cisco; Elastic Services Controller Service Portal, Webex Business Suite, TelePresence Management Suite, Webex Meetings (Android), Meeting Server, Aironet Active Sensor, SD-WAN Solution, Firepower Threat Defense Software, Unified Intelligence Center, AMP Threat Grid API Key, Enterprise NFV Infrastructure Software, SocialMiner Chat Feed, Identity Services Engine, Firepower Management Center, Prime Infrastructure, Connected Mobile Experiences ve Small Business Switch yazılım ve ürünleri üzerinde bulunan çeşitli zafiyetleri gidermeyi hedefleyen güvenlik güncellemeleri yayınladı.

Etki

Kritik önem düzeyindeki mevcut güvenlik açıklıkları nedeniyle etkilenen sistemlerin siber saldırganlar tarafından kontrol altına alınması ihtimal dâhilindedir.

Çözüm

Ulusal Siber Olaylara Müdahale Merkezi (USOM), kullanıcı ve sistem yöneticilerine yüksek önem derecesindeki zafiyetler için Cisco tarafından yayınlanan ve aşağıda belirtilen güvenlik güncellemelerini incelemelerini ve ilgili güvenlik tedbirlerini almalarını tavsiye etmektedir.

Kaynaklar

https://tools.cisco.com/security/center/publicationListing.x

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-esc

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-esc1

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-struts-commons-fileupload

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-wsa-bypass

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-webex-injection

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-webex-andro-xss

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-tms-xss

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-tms-soap

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-rest-api-ssrf

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-meeting-sipdos

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-ise-xss

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-fmc-xss

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-cuic-xss

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-cms-dos

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-aas-creds

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-ise-xss

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-ucm

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-webex-rce

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-bo

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-inject

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-unaccess

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-waas-priv-escalation

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181101-ap

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-webex-teams

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-ise-privilege

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-iot-fnd-dos

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-firepowertds-bypass

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-uic-csrf

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-threat-grid

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-nfvis-shell-access

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-miner-chat-xss

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-meetings-xss

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-isel-xss

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-ise-info-disclosure

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-frpwr-mc-xss

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-cpi-xss

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-cmx-info-discl

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-sbsw-privacc

https://www.us-cert.gov/ncas/current-activity/2019/01/23/Cisco-Releases-Security-Updates

2019-02-11