You are here
Home > Preporuke > Ranjivosti Cisco Security Manager alata

Ranjivosti Cisco Security Manager alata

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2020-November-17.

The following PSIRT security advisories (1 Critical, 2 High) were published at 23:00 UTC today.

Table of Contents:

1) Cisco Security Manager Path Traversal Vulnerability – SIR: Critical

2) Cisco Security Manager Java Deserialization Vulnerabilities – SIR: High

3) Cisco Security Manager Static Credential Vulnerability – SIR: High

+——————————————————————–

1) Cisco Security Manager Path Traversal Vulnerability

CVE-2020-27130

SIR: Critical

CVSS Score v(3.1): 9.1

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csm-path-trav-NgeRnqgR [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csm-path-trav-NgeRnqgR”]

+——————————————————————–

2) Cisco Security Manager Java Deserialization Vulnerabilities

CVE-2020-27131

SIR: High

CVSS Score v(3.1): 8.1

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csm-java-rce-mWJEedcD [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csm-java-rce-mWJEedcD”]

+——————————————————————–

3) Cisco Security Manager Static Credential Vulnerability

CVE-2020-27125

SIR: High

CVSS Score v(3.1): 7.4

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csm-rce-8gjUz9fW [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csm-rce-8gjUz9fW”]

—–BEGIN PGP SIGNATURE—–

iQKDBAEBAgBtBQJfsytrZhxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDIwLTIwMjEgW3JlZnJl
c2hdKSA8cHNpcnRAY2lzY28uY29tPgAKCRCbFvaOC+BFesH+D/4sNrvHgSp1Nq5H
OKT/SBm1GXZhBuCp9LGbS6iJV5qN+k3VeuTGG+XK/SSeKk883JGDyWmWfPCxfgiA
qj+u4+EdAVAHG6oF2vN9DZ0vIdLrgEr5sg+bt+LvYDvHQSDssUAcZGMsBVVprgWp
TX007/7f04gyJzMFm6w0NDE7ddzrULJTr/YZRm4Gh1FggW4iXWJxDl1EcA+iXhGd
L8QYT6Ro0NT1/QFNKsHeVvFZHdBSuDKkybyD1C9RBBlrvbvP4+Z0vAr2uwWJa3Az
xOLGu7s2rSC/Gxe30kACRoOjbJ0/IOcC2Z/GYMkpfAvT4wkAshcpvnj/BAlbxkDF
UYtyzz1PDQ/ARiTEVeqG+wcrMoyEYCfQ08/GVxVwFF7PDSLTbvd6yDi7kBZXEoC8
k0kFkJv6uh6MAUdL+YuJFeysscdEGh+2uvu/Xsjde6Zkb9T+we66SPJBxoBCK94v
lOBtXnRfm6PmEb37+OhJgiCctlZUQ0V3rtEgW6udPo2M+BYLDYy9j4n3vk1z7QMH
funnzP2sqIrXZtuw/qDQMsnNsD3B2TCWCBwUty383FBOosBUNAKMRu/J1smOKWhZ
krP7yr7YctJCTqMjJTDx2uTyLsmppVq4NNxx8CEqSWyKSK8MLgcvK6oao4XCOF0h
yGeBNqydSXYp9TZQyJgHousfILit4g==
=6Sit
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa jenkins

Otkriveni su sigurnosni nedostaci u programskom paketu jenkins za operacijski sustav RHEL. Otkriveni nedostaci potencijalnim napadačima omogućuju otkrivanje osjetljivih informacija,...

Close