Notificar incidente

Alertas de Segurança

Alerta de Vulnerabilidades - Cisco (Vários)

tipo Vulnerabilidades
Sistemas afetadosCisco (Vários)
Ecossistema Outro

Descrição

A Cisco lançou várias atualizações para diferentes produtos da marca, sendo 11 das vulnerabilidades encontradas consideradas de criticidade alta e uma crítica.

Os produtos afetados são os seguintes:

  • Cisco SD-WAN Solution
  • Cisco IoT Field Network Director
  • Cisco Small Business RV320 and RV325 Routers
  • Cisco Identity Services Engine
  • Cisco Webex Teams
  • Cisco Webex Network Recording Player
  • Cisco Firepower Threat Defense
impacto

São várias a vulnerabilidades encontradas, desde Buffer Overflows, Escalamento de Privilégios, Negação de Serviço, Execução remota de código, entre outros.

Resolução

Atualizar para a versão correspondente.

Referências

Cisco:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-bo
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-unaccess
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-iot-fnd-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-inject
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-ise-privilege
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-webex-teams
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-webex-rce
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-firepowertds-bypass