You are here
Home > Preporuke > Ranjivosti više Cisco proizvoda

Ranjivosti više Cisco proizvoda

by Marina Dimic Vugec - 0

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2020-July-15.

The following PSIRT security advisories (5 Critical, 11 High) were published at 16:00 UTC today.

Table of Contents:

1) Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability – SIR: Critical

2) Cisco RV110W and RV215W Series Routers Arbitrary Code Execution Vulnerability – SIR: Critical

3) Cisco Small Business RV110W Wireless-N VPN Firewall Static Default Credential Vulnerability – SIR: Critical

4) Cisco RV110W, RV130, RV130W, and RV215W Routers Authentication Bypass Vulnerability – SIR: Critical

5) Cisco Prime License Manager Privilege Escalation Vulnerability – SIR: Critical

6) Cisco SD-WAN vManage Software Command Injection Vulnerability – SIR: High

7) Cisco SD-WAN Solution Software Denial of Service Vulnerability – SIR: High

8) Cisco SD-WAN vManage Software Remote Code Execution Vulnerability – SIR: High

9) Cisco SD-WAN vEdge Routers Denial of Service Vulnerability – SIR: High

10) Cisco SD-WAN vManage Software Directory Traversal Vulnerability – SIR: High

11) Cisco SD-WAN vEdge Routers Denial of Service Vulnerability – SIR: High

12) Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability – SIR: High

13) Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Remote Code Execution and Denial of Service Vulnerability – SIR: High

14) Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Command Shell Injection Vulnerability – SIR: High

15) Cisco SD-WAN Solution Software Static Credentials Vulnerability – SIR: High

16) Cisco RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Multiple Vulnerabilities – SIR: High

+——————————————————————–

1) Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability

CVE-2020-3323

SIR: Critical

CVSS Score v(3.0): 9.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-AQKREqp [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-AQKREqp”]

+——————————————————————–

2) Cisco RV110W and RV215W Series Routers Arbitrary Code Execution Vulnerability

CVE-2020-3331

SIR: Critical

CVSS Score v(3.0): 9.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-code-exec-wH3BNFb [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-code-exec-wH3BNFb”]

+——————————————————————–

3) Cisco Small Business RV110W Wireless-N VPN Firewall Static Default Credential Vulnerability

CVE-2020-3330

SIR: Critical

CVSS Score v(3.0): 9.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv110w-static-cred-BMTWBWTy [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv110w-static-cred-BMTWBWTy”]

+——————————————————————–

4) Cisco RV110W, RV130, RV130W, and RV215W Routers Authentication Bypass Vulnerability

CVE-2020-3144

SIR: Critical

CVSS Score v(3.0): 9.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-auth-bypass-cGv9EruZ [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-auth-bypass-cGv9EruZ”]

+——————————————————————–

5) Cisco Prime License Manager Privilege Escalation Vulnerability

CVE-2020-3140

SIR: Critical

CVSS Score v(3.0): 9.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-prime-priv-esc-HyhwdzBA [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-prime-priv-esc-HyhwdzBA”]

+——————————————————————–

6) Cisco SD-WAN vManage Software Command Injection Vulnerability

CVE-2020-3388

SIR: High

CVSS Score v(3.0): 7.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clibypvman-sKcLf2L [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clibypvman-sKcLf2L”]

+——————————————————————–

7) Cisco SD-WAN Solution Software Denial of Service Vulnerability

CVE-2020-3351

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-dos-KWOdyHnB [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-dos-KWOdyHnB”]

+——————————————————————–

8) Cisco SD-WAN vManage Software Remote Code Execution Vulnerability

CVE-2020-3387

SIR: High

CVSS Score v(3.0): 7.5

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanrce-4jtWT28P [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanrce-4jtWT28P”]

+——————————————————————–

9) Cisco SD-WAN vEdge Routers Denial of Service Vulnerability

CVE-2020-3385

SIR: High

CVSS Score v(3.0): 7.4

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vedgfpdos-PkqQrnwV [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vedgfpdos-PkqQrnwV”]

+——————————————————————–

10) Cisco SD-WAN vManage Software Directory Traversal Vulnerability

CVE-2020-3381

SIR: High

CVSS Score v(3.0): 8.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmdirtrav-eFdAxsJg [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmdirtrav-eFdAxsJg”]

+——————————————————————–

11) Cisco SD-WAN vEdge Routers Denial of Service Vulnerability

CVE-2020-3369

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fpdos-hORBfd9f [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fpdos-hORBfd9f”]

+——————————————————————–

12) Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability

CVE-2020-3358

SIR: High

CVSS Score v(3.1): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-dos-ZN5GvNH7 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-dos-ZN5GvNH7”]

+——————————————————————–

13) Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Remote Code Execution and Denial of Service Vulnerability

CVE-2020-3357

SIR: High

CVSS Score v(3.1): 9.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rce-dos-9ZAjkx4 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rce-dos-9ZAjkx4”]

+——————————————————————–

14) Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Command Shell Injection Vulnerability

CVE-2020-3332

SIR: High

CVSS Score v(3.0): 8.1

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmd-shell-injection-9jOQn9Dy [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmd-shell-injection-9jOQn9Dy”]

+——————————————————————–

15) Cisco SD-WAN Solution Software Static Credentials Vulnerability

CVE-2020-3180

SIR: High

CVSS Score v(3.0): 8.4

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdscred-HfWWfqBj [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdscred-HfWWfqBj”]

+——————————————————————–

16) Cisco RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Multiple Vulnerabilities

CVE-2020-3145, CVE-2020-3146

SIR: High

CVSS Score v(3.0): 8.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-m4FEEGWX [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-m4FEEGWX”]

—–BEGIN PGP SIGNATURE—–

iQKDBAEBAgBtBQJfDyiVZhxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDIwLTIwMjEgW3JlZnJl
c2hdKSA8cHNpcnRAY2lzY28uY29tPgAKCRCbFvaOC+BFegCND/kBZ1uXA9OFYJTl
NHRxwpNkfWP7CjjzDjO2LlIHjwEZXgrbILaJtXbquku9uz077tyBJrnqDqepDBYH
ZG3L43XLf8d4KjlWYVbbEfgDzOnbbztZTsTbpIjsPrdWBbWN2rouSDpNy9TxCpjU
o5m0V5Bw6rYOVwxU08S5sASTnC4ZIYTcdos7BSgc8NeoMveXyxxJYMd9a7ujRhFT
kS8CdqOFLm2M8QEJ9wYtsdLRqx9GAosJr4OSNHdl81op0A+yB0GTk5mLl9+qS5Nu
F6MvwWX3VJ7HS3lMmBneFvO1Wl+pSwpRfa76Jky1FrK/WTfbrCvpBngwVWWXQJQY
BfUCkvDYtiNHIxpfGecx6DDe+DFajG//Yry/flvGt40FHz+Mq3S7yTj/oWxcq3fI
cNbxUb1dfygIPCusEOnXSPjRrIl5CdFYUooGuY537B8IdPkv00sOU05Vm2cfThKE
wZR8gVMpP7ChnVub+lwSftkqIFxPBcbxEXZKdyt48duXLLsSd68N21/Ap84p7mzO
W4xUrYZZhXUPPdtR7V7pcjLuP68qFP1gWFV4T21CKN52EUpA8sAgWg6XXqjOq8tR
QHfqPlP3SKhPglaiH8rcA4bNDTfudcGY1VXyHoq74qqybDqHyIoJD998Xi17j2sa
9BB9N7wgMg0h7sibrh+jVoctTgIJbA==
=B648
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

Marina Dimic Vugec
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa webkit2gtk

Otkriveni su sigurnosni nedostaci u programskom paketu webkit2gtk za operacijski sustav Debian. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog...

Close