Cisco Products Multiple Vulnerabilities

Release Date: 23 May 2024

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

Multiple vulnerabilities were identified in Cisco products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service, remote code execution, security restriction bypass and elevation of privilege on the targeted system.

Impact

Denial of Service
Remote Code Execution
Security Restriction Bypass
Elevation of Privilege

System / Technologies affected

Cisco ASA Software
Cisco FMC Software
Cisco FTD Software
Cisco Firepower 2100 Series Appliances
Cisco IOS XE SD-WAN Software
Cisco IOS XE Software

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-object-bypass-fTH8tDjq
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-archive-bypass-z4wQjwcN
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ogsnsg-aclbyp-3XB8q6jX
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-uu7mV5p6

Vulnerability Identifier

CVE-2023-20006
CVE-2024-20261
CVE-2024-20293
CVE-2024-20355
CVE-2024-20360
CVE-2024-20361
CVE-2024-20363

Source

Cisco

2024年5月23日星期四

Cisco Products Multiple Vulnerabilities

Impact

System / Technologies affected

Solutions

Vulnerability Identifier

Source

Related Link

沒有留言:

發佈留言

惡意軟件警報 - 零售商成為 Scattered Spider 黑客組織勒索軟件攻擊的目標

舉報濫用