情報源
US-CERT Current Activity
Cisco Releases Security Updates
https://www.us-cert.gov/ncas/current-activity/2019/03/06/Cisco-Releases-Security-Updates
概要
– Cisco Firepower 4100 Series Next-Generation Firewalls
– Cisco Firepower 9300 Security Appliance
– Cisco MDS 9000 Series Multilayer Switches
– Cisco Nexus 1000V Switch for Microsoft Hyper-V
– Cisco Nexus 1000V Switch for VMware vSphere
– Cisco Nexus 2000 Series Fabric Extenders
– Cisco Nexus 3000 Series Switches
– Cisco Nexus 3500 Series Switches
– Cisco Nexus 3500 Platform Switches
– Cisco Nexus 3600 Platform Switches
– Cisco Nexus 5500 Platform Switches
– Cisco Nexus 5600 Platform Switches
– Cisco Nexus 6000 Series Switches
– Cisco Nexus 7000 Series Switches
– Cisco Nexus 7700 Series Switches
– Cisco Nexus 9000 Series Switches in standalone NX-OS mode
– Cisco Nexus 9500 R-Series Line Cards and Fabric Modules
– Cisco UCS 6200 Series Fabric Interconnects
– Cisco UCS 6300 Series Fabric Interconnects
– Cisco UCS 6400 Series Fabric Interconnects
関連文書(英語)
Cisco Nexus 9000 Series Switches Standalone NX-OS Mode Tetration Analytics Agent Arbitrary Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-tetra-ace
Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxosldap
Cisco NX-OS Software Image Signature Verification Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-sig-verif
Cisco NX-OS Software Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-privesca
Cisco NX-OS Software Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-privesc
Cisco NX-OS Software Bash Shell Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-pe
Cisco Nexus 9000 Series Switches Standalone NX-OS Mode Fibre Channel over Ethernet NPV Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-npv-dos
Cisco NX-OS Software Netstack Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-netstack
Cisco NX-OS Software Unauthorized Filesystem Access Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-file-access
Cisco NX-OS Software Cisco Fabric Services Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-fabric-dos
Cisco NX-OS Software Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-escalation
Cisco FXOS and NX-OS Software Unauthorized Directory Access Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-directory
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1613)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1613
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1612)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1612
Cisco FXOS and NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1611)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1611
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1607)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1607
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1606)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1606
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1610)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1610
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1609)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1609
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1608)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1608
Cisco NX-OS Software NX-API Command Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-NXAPI-cmdinj
Cisco NX-OS Software 802.1X Extensible Authentication Protocol over LAN Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nx-os-lan-auth
Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nx-os-bash-escal
Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nx-os-api-ex
Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Shell Escape Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-shell-escape
引用元:JPCERTコーディネーションセンター
「JPCERT/CC WEEKLY REPORT 2019-03-13」
https://www.jpcert.or.jp/wr/2019/wr191001.html