CSIRTCV

Está usted visitando una publicación en la hemeroteca de CSIRT-CV.
Para acceder al portal y contenido actual, visite https://www.csirtcv.gva.es

05/06/2020

Vulnerabilidades en productos Cisco

Se han corregido múltiples vulnerabilidades en toda la gama de productos Cisco.

Riesgo: Crítico
Las vulnerabilidades incluyen:
Sistemas Afectados: Referencias:

CVE-2020-3227, CVE-2020-3205, CVE-2020-3198, CVE-2020-3198

Solución:

Descargar las actualizaciones desde el panel de descarga de Software de Cisco

Notas:

Cisco IOx for IOS XE Software Privilege Escalation Vulnerability
Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Inter-VM Channel Command Injection Vulnerability
Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities
Cisco IOS XE Software Web UI Command Injection Vulnerability
Cisco IOS XE Software Web UI Privilege Escalation Vulnerability
Cisco IOS XE Software Web UI Command Injection Vulnerability
Cisco IOS XE Software Web UI Command Injection Vulnerability
Cisco IOS XE Software Web UI Command Injection Vulnerability
Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability
Cisco IOS and IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability
Cisco IOS and IOS XE Software Session Initiation Protocol Denial of Service Vulnerability
Cisco IOS XE Software Command Injection Vulnerability
Cisco IOS XE Software Web UI Remote Code Execution Vulnerability
Cisco IOS XE Software Flexible NetFlow Version 9 Denial of Service Vulnerability
Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability
Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability
Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability
Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Image Verification Bypass Vulnerability
Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Static Credentials Vulnerability
Cisco IOS Software for Cisco Industrial Routers Virtual Device Server CLI Command Injection Vulnerability
Cisco IOx Application Environment for IOS Software for Cisco Industrial Routers Vulnerabilities
Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability
Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service Vulnerabilities
Cisco IOx Application Framework Arbitrary File Creation Vulnerability

Fuente: Incibe-cert

CSIRT-CV