Sélection de la langue

Government of Canada / Gouvernement du Canada

Avis aux lectrices et aux lecteurs

Cette publication ne répond pas actuellement aux normes Web du gouvernement du Canada. Les informations restent valables.

Mises à jour de sécurité pour Cisco

Numéro : AV18-119
Date : Le 18 julliet 2018

Objet

L'objectif de cet avis est d'attirer l'attention sur des avis de sécurité publié par Cisco.

Évaluation

Cisco a publié des avis de sécurité pour corriger des vulnérabilités dans plusieurs produits.

Produits visés:
- Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode DHCP Version 6 Denial of Service Vulnerability
- Cisco Policy Suite Cluster Manager Default Password Vulnerability
- Cisco Policy Suite OSGi Interface InterfaceFrontière où transitent les communications entre deux systèmes. Il peut s’agir d’un connecteur matériel utilisé pour la connexion à d’autres dispositifs ou d’une convention permettant d’établir des communications entre deux systèmes logiciels. Unauthenticated Access Vulnerability
- Cisco Policy Suite Policy Builder Database Unauthenticated Access Vulnerability
- Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability
- Cisco SD-WAN Solution CLI Command Injection Vulnerability
- Cisco SD-WAN Solution Command Injection Vulnerability
- Cisco SD-WAN Solution Command Injection Vulnerability
- Cisco SD-WAN Solution Configuration and Management Database Remote Code Execution Vulnerability
- Multiple Vulnerabilities in Cisco Finesse
- Cisco SD-WAN Solution Remote Code Execution Vulnerability
- Cisco SD-WAN Solution VPN Subsystem Command Injection Vulnerability
- Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability
- Cisco SD-WAN Solution Zero Touch Provisioning Command Injection Vulnerability
- Cisco SD-WAN Solution Zero Touch Provisioning Denial of Service Vulnerability
- Cisco Unified Communications Manager IM And Presence Service Cross-Site Scripting Vulnerability
- Cisco Webex DOM-Based Cross-Site Scripting Vulnerability
- Cisco Webex Network Recording Players Denial of Service Vulnerabilities
- Cisco Webex Network Recording Players Remote Code Execution Vulnerabilities
- Cisco Webex Teams Remote Code Execution Vulnerability
- Multiple Vulnerabilities in Cisco Unified Contact Center Express
- Cisco Policy Suite Policy Builder Unauthenticated Access Vulnerability
- Cisco Cloud Services Platform 2100 Web Upload Function Code Injection Vulnerability
- Cisco Policy Suite Read-Only User Effect Change Vulnerability
- Cisco Policy Suite World-Readable Sensitive Data Vulnerability
- Cisco SD-WAN Solution Local Buffer Overflow Vulnerability

Références CVE: CVE-2018-0342, CVE-2018-0343, CVE-2018-0344, CVE-2018-0345, CVE-2018-0346, CVE-2018-0347, CVE-2018-0348, CVE-2018-0349, CVE-2018-0350, CVE-2018-0351, CVE-2018-0372, CVE-2018-0374, CVE-2018-0375, CVE-2018-0376, CVE-2018-0377, CVE-2018-0379, CVE-2018-0380, CVE-2018-0387, CVE-2018-0390, CVE-2018-0392, CVE-2018-0393, CVE-2018-0394, CVE-2018-0396, CVE-2018-0398, CVE-2018-0399, CVE-2018-0400, CVE-2018-0401, CVE-2018-0402, CVE-2018-0403

Mesure suggérée

Le CCRIC recommande que les administrateurs de système mettent à l'essai et déploient les mises à jour diffusées par le fournisseur aux applications concernées.

Référence

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sd-wan-bo
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-suite-data
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-suite-change
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-finesse
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-csp2100-injection
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sd-wan-cmd-inject
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sd-wan-code-ex
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-uccx
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-ucmim-ps-xss
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-DOM-xss
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-teams-rce
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-ci
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-cmdinj
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-cmdnjct
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-coinj
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-cx
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-fo
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-rce
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-cm-default-psswrd
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-unauth-access
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-ps-osgi-unauth-access
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-pspb-unauth-access
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-dos

Date de modification :