情報源

US-CERT Current Activity
Cisco Releases Security Updates
https://www.us-cert.gov/ncas/current-activity/2019/02/20/Cisco-Releases-Security-Updates

概要

– Cisco Container Platform
– Cisco Cloudlock
– Cisco Defense Orchestrator
– Cisco Prime Infrastructure Software 2.2 から 3.4.0 までのバージョン
– Cisco Prime Collaboration Assurance (PCA) Software 12.1 SP2 より前のバージョン
– Cisco Network Convergence System 1000 シリーズ向けの Cisco IOS XR 6.5.2 より前のバージョン
– Cisco HyperFlex Software 3.5(2a) より前のバージョン

関連文書 (英語)

Cisco Security Advisory
Container Privilege Escalation Vulnerability Affecting Cisco Products: February 2019

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190215-runc

Cisco Prime Infrastructure Certificate Validation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-prime-validation

Cisco Prime Collaboration Assurance Software Unauthenticated Access Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-pca-access

Cisco Network Convergence System 1000 Series TFTP Directory Traversal Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-ncs

Cisco HyperFlex Software Command Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-hyperflex-injection

Cisco HyperFlex Software Unauthenticated Root Access Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-chn-root-access

引用元：JPCERTコーディネーションセンター
「JPCERT/CC WEEKLY REPORT 2019-02-27」
https://www.jpcert.or.jp/wr/2019/wr190801.html