Sélection de la langue

Government of Canada / Gouvernement du Canada

Avis aux lectrices et aux lecteurs

Cette publication ne répond pas actuellement aux normes Web du gouvernement du Canada. Les informations restent valables.

Avis de sécurité pour les produits Cisco

Numéro : AV18-032
Date : 22 février 2018

Objet

L'objectif de cet avis est d'attirer l'attention sur de multiples avis de sécurité publiés par Cisco.

Évaluation

Cisco a publié des mises à jour de sécurité afin d'adresser des vulnérabilités dans les produits suivants.

  • Cisco Unified Communications Domain Manager Remote Code Execution Vulnerability
  • Cisco Elastic Services Controller Service Portal Authentication Bypass Vulnerability
  • Cisco Elastic Services Controller Service Portal Unauthorized Access Vulnerability
  • Cisco Unified Customer Voice Portal Interactive Voice Response Connection Denial of Service Vulnerability
  • Cisco UCS Director and Cisco Integrated Management Controller Supervisor Cross-Site Request Forgery Vulnerability
  • Cisco Unified Communications Manager Reflected Cross-Site Scripting Vulnerability
  • Cisco Prime Service Catalog Cross-Site Scripting Vulnerability
  • Cisco Prime Collaboration Provisioning Tool User Provisioning Tab Cross-Site Scripting Vulnerability
  • Cisco Prime Collaboration Provisioning Tool Web Portal Repeated Bad Login Attempts Denial of Service Vulnerability
  • Cisco Jabber Client Framework for Windows and Mac Cross-Site Scripting Vulnerability
  • Cisco Jabber Client Framework for Windows and Mac Cross-Site Scripting Vulnerability
  • Cisco Data Center Analytics Framework Cross-Site Request Forgery Vulnerability
  • Cisco Data Center Analytics Framework Cross-Site Scripting Vulnerability
  • Cisco Unity Connection Mail Relay Vulnerability

Référence CVE: CVE-2018-0121, CVE-2018-0124, CVE-2018-0130, CVE-2018-0139, CVE-2018-0145, CVE-2018-0146, CVE-2018-0148, CVE-2018-0199, CVE-2018-0200, CVE-2018-0201, CVE-2018-0203, CVE-2018-0204, CVE-2018-0205, CVE-2018-0206

Mesure suggérée

Le CCRIC recommande que les administrateurs de système mettent à l'essai et déploient les mises à jour diffusées par le fournisseur aux applications concernées.

Références (en anglais)

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-ucsd
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-ucdm
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-ucm
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-psc
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-pcpt
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-pcpt1
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-jcf
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-jcf1
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-esc
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-esc1
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-dcaf
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-dcaf1
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-cvp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-cuc

Date de modification :