You are here
Home > Preporuke > Ranjivosti više Cisco proizvoda

Ranjivosti više Cisco proizvoda

by Marina Dimic Vugec - 0

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2020-May-06.

The following PSIRT security advisories (12 High) were published at 16:00 UTC today.

Table of Contents:

1) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability – SIR: High

2) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Packets Processing Memory Leak Vulnerability – SIR: High

3) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability – SIR: High

4) Cisco Firepower 1000 Series SSL/TLS Denial of Service Vulnerability – SIR: High

5) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Malformed OSPF Packets Processing Denial of Service Vulnerability – SIR: High

6) Cisco Firepower Threat Defense Software Generic Routing Encapsulation Tunnel IPv6 Denial of Service Vulnerability – SIR: High

7) Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability – SIR: High

8) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gateway Control Protocol Denial of Service Vulnerabilities – SIR: High

9) Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerability – SIR: High

10) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability – SIR: High

11) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability – SIR: High

12) Cisco Adaptive Security Appliance Software Kerberos Authentication Bypass Vulnerability – SIR: High

+——————————————————————–

1) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability

CVE-2020-3259

SIR: High

CVSS Score v(3.0): 7.5

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB”]

+——————————————————————–

2) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Packets Processing Memory Leak Vulnerability

CVE-2020-3195

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv”]

+——————————————————————–

3) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability

CVE-2020-3196

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN”]

+——————————————————————–

4) Cisco Firepower 1000 Series SSL/TLS Denial of Service Vulnerability

CVE-2020-3283

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ”]

+——————————————————————–

5) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Malformed OSPF Packets Processing Denial of Service Vulnerability

CVE-2020-3298

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-dos-RhMQY8qx [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-dos-RhMQY8qx”]

+——————————————————————–

6) Cisco Firepower Threat Defense Software Generic Routing Encapsulation Tunnel IPv6 Denial of Service Vulnerability

CVE-2020-3179

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe”]

+——————————————————————–

7) Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability

CVE-2020-3255

SIR: High

CVSS Score v(3.0): 7.5

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR”]

+——————————————————————–

8) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gateway Control Protocol Denial of Service Vulnerabilities

CVE-2020-3254

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH”]

+——————————————————————–

9) Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerability

CVE-2020-3189

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-Rdpe34sd8 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-Rdpe34sd8”]

+——————————————————————–

10) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability

CVE-2020-3191

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k”]

+——————————————————————–

11) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability

CVE-2020-3187

SIR: High

CVSS Score v(3.0): 9.1

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43”]

+——————————————————————–

12) Cisco Adaptive Security Appliance Software Kerberos Authentication Bypass Vulnerability

CVE-2020-3125

SIR: High

CVSS Score v(3.0): 8.1

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-asa-kerberos-bypass-96Gghe2sS [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-asa-kerberos-bypass-96Gghe2sS”]

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJesuFbXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDIwLTIwMjEpIDxwc2ly
dEBjaXNjby5jb20+AAoJELm9eRtXgZjIJZMQAI6XOV0DKZPOpVYo5JoQ56STeupA
zxZ0+GodVF+B80/5CIw5ZMSnGQIV6FnGw/z9uSG5PEk0mAuDxOOOHrMUCBYc277O
1sLJIzebHL9afLESTv4A/bcBsoyYojm05e5xfFanuuxvqU3uGUGsWhvI0nb4LP1f
XX+sy3pQ7i1mto5FdJiaEpwqJOqe0bmL1lyTw94NYgR31QFP0lJ2MEwi86PtTKmG
rWsKNppjy32etXjU5JKr4278LrDSUab0lQkQ40PlUFo3KDKaIHDHzDkGqmMmc4ZG
qkmP1P63Mdpq8LKy2LR9qk+dpBpbzWPGNo7AybbjZEH7Shrow8f+/CUIpzBm83GN
TxYjgsbQI7z3/JnhXXMoG3X0Rahv+QPibvaxOPfjnGitLsM40iH17E/XAa0CW1dY
1HgzY8XETstSGSQds1vVyEiUwRoc0nPPFz5y5dQRFgaD3a3eUcJKZ4kF1APt0pUp
MgMWk/lxDQ6xzmyEMSbCMgPh4FmVPv5g6/AqixH1Sxq41uNPXzeY9mREkzr4YGx+
O7qXqJHlcz/+kV6SfKBjXJC2o9AXvTzlgPWmQUZy8EGCpTRb7kEQg2yXT9wdw1c2
NZI6/Jm4WeW0fOUg//Z7oXNBTgw6oU3iTwkpaOxs4dzDav1PfGsYxaHTcdtzxA/S
HIIOtc7gnUaAfoU4
=lOxq
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

Marina Dimic Vugec
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa ceph

Otkriveni su sigurnosni nedostaci u programskom paketu ceph za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim udaljenim napadačima omogućuju otkrivanje osjetljivih...

Close