Vulnérabilités affectant plusieurs produits de Cisco

TitreVulnérabilités affectant plusieurs produits de Cisco
Numéro de Référence
40952303/23
Date de publication
23 mars 2023
Niveau de Risque
Modéré
Niveau d'Impact
Important

Systèmes affectés:

  • Cisco IOS XE Software
  • Cisco DNA Center
  • Cisco IOS XE SD-WAN Software
  • Cisco IOS XE Software for Wireless Association
  • Cisco Access Point Software
  • Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches
  • Cisco IOS XE Software for Wireless LAN Controllers
  • Cisco SD-WAN vManage Software
  • Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software
  • Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software
  • Cisco Access Point Software

Identificateurs externes:

CVE-2023-20072 CVE-2023-20027 CVE-2023-20080 CVE-2023-20065 CVE-2023-20055 CVE-2023-20035 CVE-2023-20067 CVE-2023-20112 CVE-2023-20082 CVE-2023-20066 CVE-2023-20056 CVE-2023-20100 CVE-2023-20113 CVE-2023-20081 CVE-2023-20107 CVE-2023-20097 CVE-2023-20059 CVE-2023-20029

Bilan de la vulnérabilité:

Cisco annonce la correction de plusieurs vulnérabilités affectant certaines versions de ses produits susmentionnés. L'exploitation de ces vulnérabilités peut permettre à un attaquant distant d’injecter des commandes, d’élever ses privilèges, de contourner des mesures de sécurité, d’accéder à des données confidentielles ou de causer un déni de service.

Solution:

Veuillez se référer aux bulletins de sécurité de Cisco pour mettre à jours vos équipements.

Risque:

  • Injection de commandes
  • Elévation de privilège
  • Contournement de mesures de sécurité
  • Accès à des données confidentielles
  • Déni de service

Annexe:

Bulletins de sécurité de Cisco :

  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosgre-crash-p6nE5Sq5
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-saipv4-vfr-dos-CXxtFacb
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosdhcpv6-dos-44cMvdDK
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxpriv-escalate-Xg8zkyPk
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sadnac-privesc-QFXe74RS
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwan-VQAhEjYw 
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-saewlc-dos-wFujBHKw
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apassoc-dos-D2SunWK2
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sac9300-spi-ace-yejYgnNQ 
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sawebui-pthtrv-es7GSb9V
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apcli-dos-tc2EKEpu
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sac9800-apjoin-dos-nXRHkt5
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-savman-csrf-76RDbLEh
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-saasaftdios-dhcpv6-cli-Zf3zTv
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-saasa5500x-entropy-6v9bHVYP
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-saaironetap-cmdinj-6bjT4FL8
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sadnac-infodisc-pe7zAbdR
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-saiosxe-priv-esc-sABD8hcU
Brochure:

vulnerabilites_affectant_plusieurs_produits_de_cisco.pdf1_.pdf

DGSSI2024 All rights reserved