弱點通告:Cisco 發布了更新以解決影響多個產品的弱點,建議請管理者儘速評估更新!
2017/10/23
風險等級: 高度威脅
摘  要:

思科發布了更新以解決影響多個產品的弱點,駭客可以利用弱點來控制受影響的系統。

目前已知會受到影響的產品為思科 Cloud Services Platform (CSP)2100的2.1.0,2.1.1,2.1.2,2.2.0,2.22.1或2.2.2版本、以 AAA服務方式運作 Cisco Firepower Extensible Operating System (FXOS) 和 NX-OS System的系統程式,將造成多項Cisco產品受到影響:Firepower 4100 Series Next-Generation Firewall , Firepower 9300 Security Appliance, Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms , Nexus (2000,3000) Series Switches, Nexus (3000,5000) Series Switches, Nexus (3500,5500,5600) Platform Switches, Nexus (6000,7000,7700) Series Switches , Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, Unified Computing System (UCS) 6100 Series Fabric Interconnects , UCS (6200,6300) Series Fabric Interconnects、 Cisco Small Business中的 SPA50x, SPA51x和SPA52x 版本, HiNetSOC 建議管理者儘速評估更新,以降低受駭風險。

影響系統:
  • Cisco CSP 2100的2.1.0,2.1.1,2.1.2,2.2.0,2.22.1或2.2.2版本
  • 以 AAA服務方式運作Cisco Firepower Extensible Operating System (FXOS) 和 NX-OS System的系統程式,將造成多項Cisco 產品受到影響:Firepower 4100 Series Next-Generation Firewall , Firepower 9300 Security Appliance, Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms , Nexus (2000,3000) Series Switches, Nexus (3000,5000) Series Switches, Nexus (3500,5500,5600) Platform Switches, Nexus (6000,7000,7700) Series Switches , Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, Unified Computing System (UCS) 6100 Series Fabric Interconnects , UCS (6200,6300) Series Fabric Interconnects
  • Cisco Small Business中的 SPA50x, SPA51x和 SPA52x 版本
  • 解決辦法:
  • 將Cisco CSP 2100進行更新。
  • 將程式更新至最新版,或參考Cisco FXOS and NX-OS System Software Authentication, Authorization, and Accounting Denial of Service Vulnerability 進行處理。
  • 將Cisco Small Business SPA50x, SPA51x, and SPA52x 進行更新。
  • 細節描述:

    Cisco 發布了更新以解決影響多個產品的弱點,駭客可以利用其中任一個弱點來控制受影響的系統。

    HiNet SOC 建議管理者儘速評估更新,以降低受駭風險。

    參考資訊:

    Us-cert(2017/10/18)
    cisco-sa-20171018-ccs(2017/10/18)
    cisco-sa-20171018-aaavty(2017/10/18)
    cisco-sa-20171018-sip1(2017/10/18)
    cisco-sa-20171018-sip(2017/10/18)