You are here
Home > Preporuke > Ranjivosti više Cisco proizvoda

Ranjivosti više Cisco proizvoda

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2020-October-21.

The following PSIRT security advisories (20 High) were published at 16:00 UTC today.

Table of Contents:

1) Cisco Firepower Threat Defense Software Inline Pair/Passive Mode Denial of Service Vulnerability – SIR: High

2) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability – SIR: High

3) Cisco Firepower 4110 ICMP Flood Denial of Service Vulnerability – SIR: High

4) Cisco Firepower Threat Defense Software TCP Flood Denial of Service Vulnerability – SIR: High

5) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability – SIR: High

6) Cisco Firepower Management Center Software Common Access Card Authentication Bypass Vulnerability – SIR: High

7) Cisco Firepower Threat Defense Software SNMP Denial of Service Vulnerability – SIR: High

8) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability – SIR: High

9) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability – SIR: High

10) Cisco Firepower Threat Defense Software Multi-Instance Container Escape Vulnerability – SIR: High

11) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IP Fragment Memory Leak Vulnerability – SIR: High

12) Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability – SIR: High

13) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000/2100 Series Appliances Secure Boot Bypass Vulnerabilities – SIR: High

14) Cisco FXOS Software for Firepower 4100/9300 Series Appliances Secure Boot Bypass Vulnerability – SIR: High

15) Cisco FXOS Software Firepower Chassis Manager Cross-Site Request Forgery Vulnerability – SIR: High

16) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability – SIR: High

17) Cisco Firepower Management Center Software Denial of Service Vulnerability – SIR: High

18) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability – SIR: High

19) Cisco Firepower Management Center Software and Firepower Threat Defense Software sftunnel Pass the Hash Vulnerability – SIR: High

20) Cisco Firepower Management Center Software and Firepower Threat Defense Software Directory Traversal Vulnerability – SIR: High

+——————————————————————–

1) Cisco Firepower Threat Defense Software Inline Pair/Passive Mode Denial of Service Vulnerability

CVE-2020-3577

SIR: High

CVSS Score v(3.0): 7.4

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-inline-dos-nXqUyEqM [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-inline-dos-nXqUyEqM”]

+——————————————————————–

2) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability

CVE-2020-3572

SIR: High

CVSS Score v(3.1): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T”]

+——————————————————————–

3) Cisco Firepower 4110 ICMP Flood Denial of Service Vulnerability

CVE-2020-3571

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM”]

+——————————————————————–

4) Cisco Firepower Threat Defense Software TCP Flood Denial of Service Vulnerability

CVE-2020-3563

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-GDcZDqAf [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-GDcZDqAf”]

+——————————————————————–

5) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability

CVE-2020-3554

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx”]

+——————————————————————–

6) Cisco Firepower Management Center Software Common Access Card Authentication Bypass Vulnerability

CVE-2020-3410

SIR: High

CVSS Score v(3.1): 8.1

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cacauthbyp-NCLGZm3Q [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cacauthbyp-NCLGZm3Q”]

+——————————————————————–

7) Cisco Firepower Threat Defense Software SNMP Denial of Service Vulnerability

CVE-2020-3533

SIR: High

CVSS Score v(3.1): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snmp-dos-R8ENPbOs [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snmp-dos-R8ENPbOs”]

+——————————————————————–

8) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability

CVE-2020-3529

SIR: High

CVSS Score v(3.1): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx”]

+——————————————————————–

9) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability

CVE-2020-3528

SIR: High

CVSS Score v(3.1): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r”]

+——————————————————————–

10) Cisco Firepower Threat Defense Software Multi-Instance Container Escape Vulnerability

CVE-2020-3514

SIR: High

CVSS Score v(3.1): 8.2

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-container-esc-FmYqFBQV [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-container-esc-FmYqFBQV”]

+——————————————————————–

11) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IP Fragment Memory Leak Vulnerability

CVE-2020-3373

SIR: High

CVSS Score v(3.1): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n”]

+——————————————————————–

12) Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability

CVE-2020-3562

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy”]

+——————————————————————–

13) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000/2100 Series Appliances Secure Boot Bypass Vulnerabilities

CVE-2020-3458

SIR: High

CVSS Score v(3.0): 6.7

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbyp-KqP6NgrE [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbyp-KqP6NgrE”]

+——————————————————————–

14) Cisco FXOS Software for Firepower 4100/9300 Series Appliances Secure Boot Bypass Vulnerability

CVE-2020-3455

SIR: High

CVSS Score v(3.0): 6.7

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbp-XTuPkYTn [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-sbbp-XTuPkYTn”]

+——————————————————————–

15) Cisco FXOS Software Firepower Chassis Manager Cross-Site Request Forgery Vulnerability

CVE-2020-3456

SIR: High

CVSS Score v(3.1): 8.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxosfcm-csrf-uhO4e5BZ [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxosfcm-csrf-uhO4e5BZ”]

+——————————————————————–

16) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability

CVE-2020-3436

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys”]

+——————————————————————–

17) Cisco Firepower Management Center Software Denial of Service Vulnerability

CVE-2020-3499

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dos-NjYvDcLA [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dos-NjYvDcLA”]

+——————————————————————–

18) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability

CVE-2020-3304

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw”]

+——————————————————————–

19) Cisco Firepower Management Center Software and Firepower Threat Defense Software sftunnel Pass the Hash Vulnerability

CVE-2020-3549

SIR: High

CVSS Score v(3.0): 8.1

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-sft-mitm-tc8AzFs2 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-sft-mitm-tc8AzFs2”]

+——————————————————————–

20) Cisco Firepower Management Center Software and Firepower Threat Defense Software Directory Traversal Vulnerability

CVE-2020-3550

SIR: High

CVSS Score v(3.0): 8.1

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dirtrav-NW8XcuSB [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dirtrav-NW8XcuSB”]

—–BEGIN PGP SIGNATURE—–

iQKDBAEBAgBtBQJfkF0OZhxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDIwLTIwMjEgW3JlZnJl
c2hdKSA8cHNpcnRAY2lzY28uY29tPgAKCRCbFvaOC+BFeq67D/0bqZW/Tq8qATG/
G8Dtb4LOPktVyxF0uKijSyeV9Xtb8UQ5sNBljLJAvW9EqGHB99Dchicwlh9Fqku2
Q+Rhug59NJPU78WtHsvAEGD285LzVHROqMsKYPHV11wV69uTUiHkAa6DtqWPvrT1
5fd/sTk6gKels3PAR4mSDA1DTABQ9LbdOzk2ZHiwHj96IcFJi8+Q8K1RRBKQSLB9
GZdQn/9LVy2FtXWSAPNC4LCI1kti09wrk1q2xiWNtCkwTG8VtIdpSJCxYPvOuiko
vHRnHLUzWANnm3PqmOXl9+fzB6c5oqfA5Tk7TFZVzZ47BKFmu/aJQWCzeWvd0Xm4
dmEXnrr7vV6Jwy494Wwm4cuF/oS2D1Zns7rNr72J1ELHiPO4AIeXar4gWb/lMGoA
+4ztZMGrjVlhnQjhin7F9BVBJ2wz23VKfNHzdHFwvHz3tSiQn9Fm9+KtaPgdW1vy
Ts82SiBhCeR9WEog5zhx+Vuls1TxHjZB8YJhX4jFbaasCGztrYf/LqyFWSv2yzkj
El+QWdL3FuWU8Ec9ILnCmd9pYd3WN4o9ZdbJhRABMVfNUcxNBzJDBfTzSFjOio2J
3sOvnwTg6tn0uLheRHa5BqTCQSkbwB7T9ADlMnqLcsb3uR0RWxyHB+v/B/hmO1kO
P6/EepSBtbCHoDujTRGuiXALhA7DeA==
=UY6T
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa firefox

Otkriveni su sigurnosni nedostaci u programskom paketu firefox za operacijski sustav Debian. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja...

Close