TR-21-0558 (Cisco Güvenlik Bildirimi)

Genel Bilgi

Cisco farklı ürünlerini etkiyen güvenlik zafiyetlerine yönelik önlemler açıkladı.

Etki

Mevcut güvenlik açıklıkları nedeniyle saldırganın hedef aldığı sistemde saldırı gerçekleştirmesi ihtimal dahilindedir. CVE kodları şu şekildedir:

CVE-2021-1574, CVE-2021-1576, CVE-2021-1359, CVE-2021-1563, CVE-2021-1564, CVE-2021-1585, CVE-2021-1575, CVE-2021-1603, CVE-2021-1604, CVE-2021-1605, CVE-2021-1606, CVE-2021-1607, CVE-2021-1595, CVE-2021-1596, CVE-2021-1597, CVE-2021-1598, CVE-2021-1562 ve CVE-2021-33478

Çözüm

Ulusal Siber Olaylara Müdahale Merkezi (USOM), sistem yöneticilerine; Cisco firmasının yayınladığı güncellemeyi indirmelerini tavsiye etmektedir.

Kaynaklar

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bpa-priv-esc-dgubwbH4

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-scr-web-priv-esc-k3HCGJZ?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Web%20Security%20Appliance%20Privilege%20Escalation%20Vulnerability&vs_k=1

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-scr-web-priv-esc-k3HCGJZ

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcamera-lldpcdp-mem-yTQDmjRO?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Video%20Surveillance%207000%20Series%20IP%20Cameras%20Cisco%20Discovery%20Protocol%20and%20Link%20Layer%20Discovery%20Protocol%20Memory%20Leak%20Vulnerabilities&vs_k=1

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcamera-lldpcdp-mem-yTQDmjRO

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asdm-rce-gqjShXW?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Adaptive%20Security%20Device%20Manager%20Remote%20Code%20Execution%20Vulnerability&vs_k=1

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asdm-rce-gqjShXW

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vvb-xss-wG4zXRp3?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Virtualized%20Voice%20Browser%20Cross-Site%20Scripting%20Vulnerability&vs_k=1

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-stored-xss-TWwjVPdL?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Identity%20Services%20Engine%20Stored%20Cross-Site%20Scripting%20Vulnerabilities&vs_k=1

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcamera-lldp-mem-wGqundTq?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Video%20Surveillance%207000%20Series%20IP%20Cameras%20Link%20Layer%20Discovery%20Protocol%20Memory%20Leak%20Vulnerabilities&vs_k=1

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bpa-priv-esc-dgubwbH4?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Business%20Process%20Automation%20Privilege%20Escalation%20Vulnerabilities&vs_k=1

2021-07-08