複数の Cisco 製品に脆弱性 – 情報教育センター

最終更新日: 2020/05/25

情報源

US-CERT Current Activity
Cisco Releases Security Updates for IOS XE SD-WAN Solution Software
https://www.us-cert.gov/ncas/current-activity/2020/04/30/cisco-releases-security-updates-ios-xe-sd-wan-solution-software

US-CERT Current Activity
Cisco Releases Security Updates for Multiple Products
https://www.us-cert.gov/ncas/current-activity/2020/05/07/cisco-releases-security-updates-multiple-products

概要

複数の Cisco 製品には、脆弱性があります。結果として、第三者が任意のコ
マンドを実行するなどの可能性があります。

影響度 High の脆弱性情報の対象となる製品は次のとおりです。

– Cisco IOS XE SD-WAN
– Cisco ASA Software
– Cisco FTD Software

※製品によって、影響を受ける条件が異なります。また、上記製品以外にも、
影響度 Medium の複数の脆弱性情報が公開されています。詳細は、Cisco が
提供する情報を参照してください。

この問題は、該当する製品を Cisco が提供する修正済みのバージョンに更新
したり、回避策を適用したりすることで解決します。詳細は、Cisco が提供す
る情報を参照してください。

関連文書（英語）

Cisco Security Advisory
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Malformed OSPF Packets Processing Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-dos-RhMQY8qx

Cisco Security Advisory
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43

Cisco Security Advisory
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN

Cisco Security Advisory
Cisco Adaptive Security Appliance Software Kerberos Authentication Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-asa-kerberos-bypass-96Gghe2sS

Cisco Security Advisory
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gateway Control Protocol Denial of Service Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH

Cisco Security Advisory
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k

Cisco Security Advisory
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB

Cisco Security Advisory
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Packets Processing Memory Leak Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv

Cisco Security Advisory
Cisco Firepower 1000 Series SSL/TLS Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ

Cisco Security Advisory
Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-Rdpe34sd8

Cisco Security Advisory
Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR

Cisco Security Advisory
Cisco Firepower Threat Defense Software Generic Routing Encapsulation Tunnel IPv6 Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe

Cisco Security Advisory
Cisco IOS XE SD-WAN Software Command Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwcinj-AcQ5MxCn

引用元：JPCERTコーディネーションセンター
「JPCERT/CC WEEKLY REPORT 2020-05-13」
https://www.jpcert.or.jp/wr/2020/wr201801.html