˼¿ÆÐÞ¸´¶à¿îÈí¼þ¸ßΣÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2019-06-06

Îó²î±àºÅºÍ¼¶±ð



CVE±àºÅ£ºCVE-2019-1861£¬£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º7.2

CVE±àºÅ£ºCVE-2019-1845£¬£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º8.6



ÊÜÓ°ÏìµÄ°æ±¾



CVE-2019-1861


Cisco Industrial Network Director software releases prior to 1.6.0


CVE-2019-1845


Expressway Series configured for Mobile and Remote Access with IM&P Service (Releases X8.1 to X12.5.2)
TelePresence VCS configured for Mobile and Remote Access with IM&P Service (Releases X8.1 to X12.5.2)

Unified Communications Manager IM&P Service (multiple releases)



Îó²î¸ÅÊö



˼¿ÆÐÞ¸´ÁËÈçÏÂÁ½¸ö¸ßΣÎó²î£º


CVE-2019-1861


Cisco Industrial Network DirectorÊÇÃÀ¹ú˼¿Æ£¨Cisco£©¹«Ë¾µÄÒ»Ì×¹¤Òµ×Ô¶¯»¯ÖÎÀíϵͳ ¡£¡£¡£ ¡£¡£¸Ãϵͳͨ¹ý¶Ô¹¤ÒµÒÔÌ«Íø»ù´¡ÉèÊ©µÄ¿ÉÊÓ»¯²Ù×÷À´ÊµÏÖ×Ô¶¯»¯ÖÎÀí ¡£¡£¡£ ¡£¡£


Cisco Industrial Network DirectorÈí¼þ¸üй¦Ð§ÖеÄÎó²î¿ÉÄÜÔÊÐí¾­ÓÉÉí·ÝÑéÖ¤µÄÔ¶³Ì¹¥»÷ÕßÖ´ÐÐí§Òâ´úÂë ¡£¡£¡£ ¡£¡£¸ÃÎó²îÊÇÓÉÓÚ¶ÔÉÏÔص½ÊÜÓ°ÏìµÄÓ¦ÓóÌÐòµÄÎļþ¾ÙÐÐÁ˲»×¼È·µÄÑéÖ¤ ¡£¡£¡£ ¡£¡£ ¹¥»÷Õß¿ÉÒÔͨ¹ýʹÓÃÖÎÀíԱȨÏÞÑéÖ¤ÊÜÓ°ÏìµÄϵͳ²¢ÉÏÔØí§ÒâÎļþÀ´Ê¹ÓôËÎó²î ¡£¡£¡£ ¡£¡£ÀÖ³ÉʹÓÿÉÄÜÔÊÐí¹¥»÷ÕßʹÓÃÌáÉýµÄȨÏÞÖ´ÐÐí§Òâ´úÂë ¡£¡£¡£ ¡£¡£


CVE-2019-1845


Cisco Unified Communications Manager IM & Presence Service£¨CUCM IM&P£©ºÍTelePresence Video Communication Server (VCS) and Expressway¶¼ÊÇÃÀ¹ú˼¿Æ£¨Cisco£©¹«Ë¾µÄ²úÆ· ¡£¡£¡£ ¡£¡£Cisco Unified Communications Manager IM and Presence Service£¨CUCM IM&P£©ÊÇÒ»¸öʹÓÃÔÚºô½Ð´¦Öóͷ£×é¼þÖеĻùÓÚCUCMµÄ¼´Ê±ÐÂÎÅ£¨IM£©ºÍ״̬ÏÔʾƽ̨ ¡£¡£¡£ ¡£¡£TelePresence Video Communication Server£¨VCS£©and ExpresswayÊÇÒ»¿îÍøÕæÊÓƵͨѶЧÀÍÆ÷ ¡£¡£¡£ ¡£¡£


Cisco Unified Communications Manager IM & Presence Service£¨CUCM IM&P£©ºÍTelePresence Video Communication Server (VCS) and ExpresswayϵÁеÄÉí·ÝÑé֤ЧÀÍÖеÄÎó²î¿ÉÄÜÔÊÐíδ¾­Éí·ÝÑéÖ¤µÄÔ¶³Ì¹¥»÷Õßµ¼ÖÂʵÑéÓû§µÄЧÀÍÖÐÖ¹¾ÙÐÐÉí·ÝÑéÖ¤£¬£¬£¬£¬£¬£¬£¬µ¼Ö¾ܾøЧÀÍ£¨DoS£©Ìõ¼þ ¡£¡£¡£ ¡£¡£¸ÃÎó²îÊÇÓÉÓÚ¶ÔÌض¨ÄÚ´æ²Ù×÷µÄ¿ØÖÆȱ·¦Ôì³ÉµÄ ¡£¡£¡£ ¡£¡£¹¥»÷Õß¿ÉÒÔͨ¹ýÏòÊÜÓ°ÏìµÄϵͳ·¢ËÍÃûÌùýʧµÄ¿ÉÀ©Õ¹ÐÂÎźÍ״̬ЭÒ飨XMPP£©Éí·ÝÑéÖ¤ÇëÇóÀ´Ê¹ÓôËÎó²î ¡£¡£¡£ ¡£¡£ÀÖ³ÉʹÓÿÉÄÜÔÊÐí¹¥»÷ÕßÒâÍâÖØÆôÉí·ÝÑé֤ЧÀÍ£¬£¬£¬£¬£¬£¬£¬´Ó¶ø×èÖ¹Óû§ÀֳɾÙÐÐÉí·ÝÑéÖ¤ ¡£¡£¡£ ¡£¡£Ê¹ÓôËÎó²î²»»áÓ°ÏìÔÚ¹¥»÷֮ǰ¾ÙÐÐÉí·ÝÑéÖ¤µÄÓû§ ¡£¡£¡£ ¡£¡£



Îó²îÑéÖ¤



ÔÝÎÞPOC/EXP ¡£¡£¡£ ¡£¡£



ÐÞ¸´½¨Òé



ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬£¬£¬£¬£¬£¬£¬²¹¶¡»ñÈ¡Á´½Ó¼û²Î¿¼Á´½Ó ¡£¡£¡£ ¡£¡£



²Î¿¼Á´½Ó



https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-ind-rce
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-cucm-imp-dos