Security Advisory: Critical Vulnerability in the Cisco IOS XE Virtual Service Container

Published: 2019-08-29

Vulnerability IDs and Severity


CVE ID: CVE-2019-12643, severity: Critical, CVSS score: 10 (vendor self-assessed; not yet officially rated)

CVE ID: CVE-2019-1962, severity: High, CVSS score: 8.6 (vendor self-assessed; not yet officially rated)

CVE ID: CVE-2019-1964, severity: High, CVSS score: 8.6 (vendor self-assessed; not yet officially rated)

CVE ID: CVE-2019-1963, severity: High, CVSS score: 7.7 (vendor self-assessed; not yet officially rated)

CVE ID: CVE-2019-1965, severity: High, CVSS score: 7.7 (vendor self-assessed; not yet officially rated)

CVE ID: CVE-2019-1966, severity: High, CVSS score: 7.8 (vendor self-assessed; not yet officially rated)


Affected Versions


Versions affected


CVE-2019-12643

Cisco 4000 Series Integrated Services Routers

Cisco ASR 1000 Series Aggregation Services Routers

Cisco Cloud Services Router 1000V Series

Cisco Integrated Services Virtual Router




Vulnerability Overview


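Cisco has released an update for its IOS XE operating system to patch a critical vulnerability that could allow a remote attacker to bypass authentication on devices running an outdated version of the virtual service container. Virtual service containers are used to run processes in an isolated environment. They are delivered as Open Virtual Application (OVA) packages and can run applications for a variety of purposes. Administrators can equip a machine with troubleshooting tools, or with tools that implement common network functions or analysis and monitoring. A common use is to extend the functionality of the host network.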


If certain conditions are met, the vulnerability can be exploited simply by sending malicious HTTP requests to the target device. If an administrator is logged in to the REST API interface, the attacker can obtain that administrator's "token ID" and run commands with elevated privileges.


In addition to this advisory, the company also published security advisories for nine other medium- and high-severity issues affecting Unified Computing System (UCS) Fabric Interconnect, FXOS, NX-OS, and Nexus 9000 Series Fabric Switches.


Four high-severity issues were found in NX-OS software. Two allow an unauthenticated remote attacker to crash the device (CVE-2019-1962) or cause the netstack process to restart unexpectedly (CVE-2019-1964). The other two allow an authenticated attacker to restart the SNMP application (CVE-2019-1963) or to exhaust system memory by preventing virtual shell (VSH) processes from being deleted when a remote connection is terminated (CVE-2019-1965).


The high-severity issue in Cisco's Fabric Interconnect is tracked as CVE-2019-1966 and leads to local privilege escalation to root. An attacker can use "extraneous subcommand options provided for a specific CLI command in the local-mgmt context."


Vulnerability Verification


No PoC/exploit is available at this time.


Remediation


The vendor has released updates that fix these vulnerabilities. The patches are available at the following links:


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-iosxe-rest-auth-bypass

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-fsip-dos

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ipv6-dos

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-memleak-dos

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-ucs-privescalation


Reference Links


https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-bug-in-virtual-service-container-for-ios-xe/