You are here
Home > Preporuke > Ranjivosti više Cisco proizvoda

Ranjivosti više Cisco proizvoda

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2020-January-22.

The following PSIRT security advisories (1 Critical, 7 High) were published at 16:00 UTC today.

Table of Contents:

1) Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability – SIR: Critical

2) Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Traversal Vulnerability – SIR: High

3) Cisco IOS XE SD-WAN Software Default Credentials Vulnerability – SIR: High

4) Cisco SD-WAN Solution Local Privilege Escalation Vulnerability – SIR: High

5) Cisco Smart Software Manager On-Prem Web Interface Denial of Service Vulnerability – SIR: High

6) Cisco IOS XR Software Intermediate System–to–Intermediate System Denial of Service Vulnerability – SIR: High

7) Cisco IOS XR Software EVPN Operational Routes Denial of Service Vulnerability – SIR: High

8) Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities – SIR: High

+——————————————————————–

1) Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability

CVE-2019-16028

SIR: Critical

CVSS Score v(3.0): 9.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth”]

+——————————————————————–

2) Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Traversal Vulnerability

CVE-2020-3143

SIR: High

CVSS Score v(3.0): 8.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telepresence-path-tr-wdrnYEZZ [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telepresence-path-tr-wdrnYEZZ”]

+——————————————————————–

3) Cisco IOS XE SD-WAN Software Default Credentials Vulnerability

CVE-2019-1950

SIR: High

CVSS Score v(3.0): 8.4

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-cred-EVGSF259 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-cred-EVGSF259”]

+——————————————————————–

4) Cisco SD-WAN Solution Local Privilege Escalation Vulnerability

CVE-2020-3115

SIR: High

CVSS Score v(3.0): 8.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sdwan-priv-esc [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sdwan-priv-esc”]

+——————————————————————–

5) Cisco Smart Software Manager On-Prem Web Interface Denial of Service Vulnerability

CVE-2019-16029

SIR: High

CVSS Score v(3.0): 8.2

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-on-prem-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-on-prem-dos”]

+——————————————————————–

6) Cisco IOS XR Software Intermediate System–to–Intermediate System Denial of Service Vulnerability

CVE-2019-16027

SIR: High

CVSS Score v(3.0): 7.7

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dos”]

+——————————————————————–

7) Cisco IOS XR Software EVPN Operational Routes Denial of Service Vulnerability

CVE-2019-16018

SIR: High

CVSS Score v(3.0): 7.4

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routes [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routes”]

+——————————————————————–

8) Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities

CVE-2019-16019, CVE-2019-16020, CVE-2019-16021, CVE-2019-16022, CVE-2019-16023

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn”]

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJeKHQ6XBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDIwLTIwMjEpIDxwc2ly
dEBjaXNjby5jb20+AAoJELm9eRtXgZjI+3wQAIvHX17NCfXQSduDXGuX69mKNm4E
zIpsDYNr06CfCG0oql+Lng/RU4biHm9fg0+y6LACvO/9vH7LQrtUAIlJi+hHzuo/
OPbqVtbHKP+Y+T257KyfjivKET652Bt7/PD2qlK4OIY0ZFjAlKfkCGuzwQ1DNu2H
meAmgIVzyNLNu725mS6rykhbbnf28Wm11H+gvQL4J6B8xFO4LzbKrN9m6DY7vZJr
JnHb1Cgevkfs2vu76uexW2lp4sxrcXOJ9uM21CLb6H9XQP1FzTaeIv/7yJcbMrau
BkOPFiD1ZA5Ic3vkbVHkfqKgkrQD/iAbz3+kM77K/8dIrlNBqBHZi4TsjQJkTidS
gwcrjRZ1sE3l7uV3zYOoNYgvkCaX/+GDf2CuD6smLUTKfvuorUHxKZToz0omlcr5
C8oFjT63x2MaZZNzFoaTEm6QVrGS4ChX3G/oNBT47GEvATmwDnqm+7fTfpSnADj0
LhpcOhvCIdbLn1mdJg8J0DnXzv/KBrZkn+aSVe7ISuZmhPrC06NnX7MVglwa1O1s
vHmu9ma2SHw8/hLBbIJL7Q8E34Abt6V9sCkWpBxOtSAv0j/MpFAfg71os14wVWib
hHHfVlIhoZotHmbx4OxyzXad7seUFnO/LmF6Eu90vsc06PkitUhe5UH/mF83R1hI
NhCfZR8Ugxme1d4r
=yW2l
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

Top
More in Preporuke
Sigurnosni nedostaci jezgre operacijskog sustava

Otkriveni su sigurnosni nedostaci jezgre operacijskog sustava RHEL. Otkriveni nedostaci potencijalnim udaljenim napadačima omogućuju izazivanje DoS stanja, izvršavanje proizvoljnog programskog...

Close