VULNÉRABILITÉS AFFECTANT PLUSIEURS PRODUITS DE CISCO

TitreVULNÉRABILITÉS AFFECTANT PLUSIEURS PRODUITS DE CISCO
Numéro de Référence
39141011/22
Date de publication
10 novembre 2022
Niveau de Risque
Modéré
Niveau d'Impact
Modéré

Systèmes affectés:

  •  Cisco Firepower Threat Defense Software
  •  Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software
  •  Cisco FirePOWER Software for ASA FirePOWER Module, Firepower Management Center Software, and NGIPS
  •  Cisco Firepower Management Center and Firepower Threat Defense Software
  •  Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software
  •  Cisco Secure Firewall 3100 Series
  •  Cisco Firepower Threat Defense Software
  •  Cisco Firepower Threat Defense Software and Cisco FXOS Software
  •  Cisco Firepower Management Center Software
  •  Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software
  •  Multiple Cisco Products Snort SMB2 Detection Engine
  •  Cisco Firepower Management Center Software
  •  Cisco Firepower Threat Defense Software

    Identificateurs externes:

    CVE-2022-20946   CVE-2022-20947   CVE-2022-20918   CVE-2022-20927
    CVE-2022-20924   CVE-2022-20854   CVE-2022-20745   CVE-2022-20826
    CVE-2022-20949   CVE-2022-20950   CVE-2022-20934   CVE-2022-20925
    CVE-2022-20926   CVE-2022-20928   CVE-2022-20922   CVE-2022-20943
    CVE-2022-20941   CVE-2022-20940   CVE-2022-20831   CVE-2022-20832
    CVE-2022-20833   CVE-2022-20834   CVE-2022-20835   CVE-2022-20836
    CVE-2022-20838   CVE-2022-20839   CVE-2022-20840   CVE-2022-20843

    Bilan de la vulnérabilité:

    Cisco annonce la correction de plusieurs vulnérabilités affectant certaines versions de ses produits susmentionnés. L'exploitation de ces vulnérabilités peut permettre à un attaquant distant d’accéder à des informations confidentielles, d’injecter du contenu dans une page, de contourner les mesures de sécurité, d’élever ses privilèges ou de causer un déni de service.

    Solution:

    Veuillez se référer aux bulletins de sécurité de Cisco pour mettre à jours vos équipements.

    Risque:

    •  Contournement de mesures de sécurité
    •  Injection de contenu dans une page
    •  Elévation de privilèges
    •  Accès à des informations confidentielles
    •  Déni de service

    Annexe:

    Bulletins de sécurité de Cisco :

     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-doshmedHQPM
     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dapdos-GhYZBxDU
      https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmcsfrsnmp-access-6gqgtJ4S
     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-clientdos-cCrQPkA
     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdsnmp-dos-qsqBNM6x
     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dosOwEunWJN
     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdtwebvpn-dos-tzPSYern
     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fw3100secure-boot-5M8mUh26
     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmtprivesc-7GqR2th
     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sipdos-A4cHeArC
     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fxoscmd-inj-Q9bLNsrK
     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-injZ3B5MY35
     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vpauthz-N2GckjN6
     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb3nfhJtr
     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-infodisc-UghNRRhP
      https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-bbrCgtmY2
     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xssLATZYzxs
     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xxeMzPC4bYd
      https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpnLOeKsNmO

    Brochure:

    vulnerabilites_affectant_plusieurs_produits_de_cisco_21 (1).pdf

    DGSSI2024 All rights reserved