Security Advisory: Multiple Cisco Vulnerabilities


I. Overview

On June 20, 2018 (local time), Cisco published security advisories fixing multiple vulnerabilities of varying severity, five of which are rated Critical.

Related link:

https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-67770

 

II. Vulnerability Descriptions

1. CVE-2018-0301 (Critical)

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to send a malicious packet to the management interface of an affected system and cause a buffer overflow.

The vulnerability is due to incorrect input validation in the authentication module of the NX-API subsystem. An attacker could exploit this vulnerability by sending a crafted HTTP or HTTPS packet to the management interface of an affected system that has the NX-API feature enabled. A successful exploit could allow the attacker to execute arbitrary code as root. Note: NX-API is disabled by default; a device is exposed only if feature nxapi has been configured, which can be verified with show feature | include nxapi.

CVSS 3.0 score:

Base 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X 

Affected versions:

The following Cisco products are affected by this vulnerability:

MDS 9000 Series Multilayer Switches
Nexus 2000 Series Fabric Extenders
Nexus 3000 Series Switches
Nexus 3500 Platform Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Nexus 7700 Series Switches
Nexus 9000 Series Switches in standalone NX-OS mode
Nexus 9500 R-Series Line Cards and Fabric Modules

The affected Cisco NX-OS Software releases for the products above are listed at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-bo#fs

Solution:

Upgrade to a fixed release as indicated in the reference link.

Reference link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-bo#fs

 

2. CVE-2018-0308 (Critical)

A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition.

The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could cause a buffer overflow, which could allow the attacker to execute arbitrary code or cause a DoS condition. The CFS distribution state of a device (including whether distribution over IP is enabled) can be displayed with show cfs status.

CVSS 3.0 score:

Base 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Affected versions:

The following Cisco products are affected by this vulnerability:

Firepower 4100 Series Next-Generation Firewalls

Firepower 9300 Security Appliance

MDS 9000 Series Multilayer Switches

Nexus 2000 Series Fabric Extenders

Nexus 3000 Series Switches

Nexus 3500 Platform Switches

Nexus 5500 Platform Switches

Nexus 5600 Platform Switches

Nexus 6000 Series Switches

Nexus 7000 Series Switches

Nexus 7700 Series Switches

Nexus 9000 Series Switches in standalone NX-OS mode

Nexus 9500 R-Series Line Cards and Fabric Modules

UCS 6100 Series Fabric Interconnects

UCS 6200 Series Fabric Interconnects

UCS 6300 Series Fabric Interconnects

The affected Cisco FXOS and NX-OS Software releases for the products above are listed at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-fab-ace#fs

Solution:

Upgrade to a fixed release as indicated in the reference link.

Reference link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-fab-ace#fs


3. CVE-2018-0304 (Critical)

A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to read sensitive memory content, create a denial of service (DoS) condition, or execute arbitrary code as root.

The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow or buffer over-read in the Cisco Fabric Services component, which could allow the attacker to read sensitive memory content, create a DoS condition, or execute arbitrary code as root.

CVSS 3.0 score:

Base 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Affected versions:

The following Cisco products are affected by this vulnerability:

Firepower 4100 Series Next-Generation Firewalls

Firepower 9300 Security Appliance

MDS 9000 Series Multilayer Switches

Nexus 2000 Series Fabric Extenders

Nexus 3000 Series Switches

Nexus 3500 Platform Switches

Nexus 5500 Platform Switches

Nexus 5600 Platform Switches

Nexus 6000 Series Switches

Nexus 7000 Series Switches

Nexus 7700 Series Switches

Nexus 9000 Series Switches in standalone NX-OS mode

Nexus 9500 R-Series Line Cards and Fabric Modules

UCS 6100 Series Fabric Interconnects

UCS 6200 Series Fabric Interconnects

UCS 6300 Series Fabric Interconnects

The affected Cisco FXOS and NX-OS Software releases for the products above are listed at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-ace#fs

Solution:

Upgrade to a fixed release as indicated in the reference link.

Reference link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-ace#fs

 

4. CVE-2018-0314 (Critical)

A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.

The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packet headers when processing packets. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow on the device, which could allow the attacker to execute arbitrary code on the device.

CVSS 3.0 score:

Base 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Affected versions:

The following Cisco products are affected by this vulnerability:

Firepower 4100 Series Next-Generation Firewalls

Firepower 9300 Security Appliance

MDS 9000 Series Multilayer Switches

Nexus 2000 Series Fabric Extenders

Nexus 3000 Series Switches

Nexus 3500 Platform Switches

Nexus 5500 Platform Switches

Nexus 5600 Platform Switches

Nexus 6000 Series Switches

Nexus 7000 Series Switches

Nexus 7700 Series Switches

Nexus 9000 Series Switches in standalone NX-OS mode

Nexus 9500 R-Series Line Cards and Fabric Modules

UCS 6100 Series Fabric Interconnects

UCS 6200 Series Fabric Interconnects

UCS 6300 Series Fabric Interconnects

The affected Cisco FXOS and NX-OS Software releases for the products above are listed at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fx-os-fabric-execution#fs

Solution:

Upgrade to a fixed release as indicated in the reference link.

Reference link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fx-os-fabric-execution#fs


5. CVE-2018-0312 (Critical)

A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device.

The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packet headers when processing packets. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow on the device, which could allow the attacker to execute arbitrary code or cause a DoS condition on the device.

CVSS 3.0 score:

Base 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

Affected versions:

The following Cisco products are affected by this vulnerability:

Firepower 4100 Series Next-Generation Firewalls

Firepower 9300 Security Appliance

MDS 9000 Series Multilayer Switches

Nexus 2000 Series Fabric Extenders

Nexus 3000 Series Switches

Nexus 3500 Platform Switches

Nexus 5500 Platform Switches

Nexus 5600 Platform Switches

Nexus 6000 Series Switches

Nexus 7000 Series Switches

Nexus 7700 Series Switches

Nexus 9000 Series Switches in standalone NX-OS mode

Nexus 9500 R-Series Line Cards and Fabric Modules

UCS 6100 Series Fabric Interconnects

UCS 6200 Series Fabric Interconnects

UCS 6300 Series Fabric Interconnects

The affected Cisco FXOS and NX-OS Software releases for the products above are listed at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fx-os-cli-execution#fs