Cisco Products Multiple Vulnerabilities
Release Date: 21 Oct 2022
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities were identified in Cisco Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure and security restriction bypass on the targeted system.
Impact
- Denial of Service
- Information Disclosure
- Security Restriction Bypass
System / Technologies affected
- Cisco Meraki MX and have Cisco AnyConnect VPN enabled
- Z3 Teleworker Gateway VPN
- Cisco Identity Services Engine
Please refer to the link below for detail:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-path-trav-Dz5dpzyM
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-path-trav-Dz5dpzyM
Vulnerability Identifier
Source
Related Link
- https://www.auscert.org.au/bulletins/ESB-2022.5210
- https://www.auscert.org.au/bulletins/ESB-2022.5209
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vnESbgBf
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-path-trav-Dz5dpzyM
沒有留言:
發佈留言