Cisco informuje o nowych podatnościach. (P23-019)

cert.pse-online.pl 1 rok temu

22 marca 2023 r. firma Cisco opublikowała poradniki bezpieczeństwa dotyczące luk w zabezpieczeniach wielu produktów.

Opis/LinkKrytycznośćCVSSCVE
Cisco IOS XE Software Virtual Fragmentation Reassembly Denial of Service Vulnerability8.6AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HCVE-2023-20027
Cisco IOS XE Software IOx Application Hosting Environment Privilege Escalation Vulnerability7.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HCVE-2023-20065
Cisco IOS XE SD-WAN Software Command Injection Vulnerability7.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HCVE-2023-20035
Cisco IOS XE Software Fragmented Tunnel Protocol Packet Denial of Service Vulnerability8.6AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HCVE-2023-20072
Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability8.6AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HCVE-2023-20080
Cisco IOS XE Software for Wireless LAN Controllers HTTP Client Profiling Denial of Service Vulnerability7.4AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HCVE-2023-20067
Cisco DNA Center Privilege Escalation Vulnerability8.0AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HCVE-2023-20055
Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches Secure Boot Bypass Vulnerability6.1AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NCVE-2023-20082
Cisco Access Point Software Association Request Denial of Service Vulnerability6.1AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NCVE-2023-20112
Cisco IOS XE Software Web UI Path Traversal Vulnerability6.5AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NCVE-2023-20066
Cisco SD-WAN vManage Software Cross-Site Request Forgery Vulnerability6.5AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NCVE-2023-20113
Cisco IOS XE Software Privilege Escalation Vulnerability4.4AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:NCVE-2023-20029
Cisco DNA Center Information Disclosure Vulnerability4.3AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NCVE-2023-20059
Cisco IOS XE Software for Wireless LAN Controllers CAPWAP Join Denial of Service Vulnerability6.8AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:HCVE-2023-20100
Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IPv6 DHCP (DHCPv6) Client Denial of Service Vulnerability6.8AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:HCVE-2023-20081
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability5.3AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NCVE-2023-20107
Cisco Access Point Software Denial of Service Vulnerability6.5AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HCVE-2023-20056
Cisco Access Point Software Command Injection Vulnerability4.6AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:NCVE-2023-20097
Idź do oryginalnego materiału