情報源
US-CERT Current Activity
Cisco Releases Security Updates
https://www.us-cert.gov/ncas/current-activity/2019/01/23/Cisco-Releases-Security-Updates
概要
– Cisco SD-WAN Solution 18.4.0 より前のバージョンが動作している vContainer
– Cisco SD-WAN Solution 18.4.0 より前のバージョンが動作している vBond Orchestrator Software
– Cisco SD-WAN Solution 18.4.0 より前のバージョンが動作している vEdge 100 Series Routers
– Cisco SD-WAN Solution 18.4.0 より前のバージョンが動作している vEdge 1000 Series Routers
– Cisco SD-WAN Solution 18.4.0 より前のバージョンが動作している vEdge 2000 Series Routers
– Cisco SD-WAN Solution 18.4.0 より前のバージョンが動作している vEdge 5000 Series Routers
– Cisco SD-WAN Solution 18.4.0 より前のバージョンが動作している vEdge Cloud Router Platform
– Cisco SD-WAN Solution 18.4.0 より前のバージョンが動作している vSmart Controller Software
– Cisco Webex Teams
– Cisco Webex Network Recording Player
– Cisco Webex Player
– Cisco Identity Services Engine (ISE)
– Cisco IoT Field Network Director (IoT-FND)
– Cisco 1540 Aironet Series Outdoor Access Points
– Cisco 1800i Aironet Access Points
– Cisco 1810 Aironet Access Points
– Cisco 1815i Aironet Access Points
– Cisco 1815m Aironet Access Points
– Cisco 1815w Aironet Access Points
– Cisco 4800 Airnet Access Points
– Cisco Meraki MR30H Access Point
– Cisco Meraki MR33 Access Point
– Cisco Meraki MR74 Access Point
– Cisco Meraki MR42E Access Point
– Cisco Meraki MR53E Access Point
– Cisco Firepower Threat Defense Software
– Cisco Small Business RV320 Dual Gigabit WAN VPN Router
– Cisco Small Business RV325 Dual Gigabit WAN VPN Router
関連文書(英語)
Cisco SD-WAN Solution Buffer Overflow Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-bo
Texas Instruments Bluetooth Low Energy Denial of Service and Remote Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181101-ap
Cisco Webex Teams URI Handler Insecure Library Loading Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-webex-teams
Cisco Webex Network Recording Player Arbitrary Code Execution Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-webex-rce
Cisco SD-WAN Solution Unauthorized Access Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-unaccess
Cisco SD-WAN Solution Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal
Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write
Multiple Privilege Escalation Vulnerabilities in Cisco SD-WAN Solution
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal
Cisco Small Business RV320 and RV325 Routers Command Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-inject
Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info
Cisco Identity Services Engine Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-ise-privilege
Cisco IoT Field Network Director Resource Exhaustion Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-iot-fnd-dos
Cisco Firepower Threat Defense Software Packet Inspection and Enforcement Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-firepowertds-bypass
引用元:JPCERTコーディネーションセンター
「JPCERT/CC WEEKLY REPORT 2019-01-30」
https://www.jpcert.or.jp/wr/2019/wr190401.html