- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: CIS
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2019-October-02.
The following PSIRT security advisories (13 High) were published at 16:00 UTC today.
Table of Contents:
1) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability – SIR: High
2) Cisco Firepower Management Center Command Injection Vulnerability – SIR: High
3) Cisco Firepower Management Center Remote Code Execution Vulnerability – SIR: High
4) Cisco Firepower Management Center Remote Code Execution Vulnerability – SIR: High
5) Cisco Firepower Management Center SQL Injection Vulnerabilities – SIR: High
6) Cisco FXOS Software and Firepower Threat Defense Software Command Injection Vulnerabilities – SIR: High
7) Cisco FTD, FMC, and FXOS Software Pluggable Authentication Module Denial of Service Vulnerability – SIR: High
8) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability – SIR: High
9) Cisco Adaptive Security Appliance Software SSL VPN Denial of Service Vulnerability – SIR: High
10) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability – SIR: High
11) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability – SIR: High
12) Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities – SIR: High
13) Multiple Cisco Unified Communications Products Cross-Site Request Forgery Vulnerability – SIR: High
+——————————————————————–
1) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability
CVE-2019-15256
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-ikev1-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-ikev1-dos”]
+——————————————————————–
2) Cisco Firepower Management Center Command Injection Vulnerability
CVE-2019-12690
SIR: High
CVSS Score v(3.0): 7.2
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fmc-com-inj [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fmc-com-inj”]
+——————————————————————–
3) Cisco Firepower Management Center Remote Code Execution Vulnerability
CVE-2019-12689
SIR: High
CVSS Score v(3.0): 7.5
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fmc-rce-12689 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fmc-rce-12689”]
+——————————————————————–
4) Cisco Firepower Management Center Remote Code Execution Vulnerability
CVE-2019-12687, CVE-2019-12688
SIR: High
CVSS Score v(3.0): 8.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fmc-rce [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fmc-rce”]
+——————————————————————–
5) Cisco Firepower Management Center SQL Injection Vulnerabilities
CVE-2019-12679, CVE-2019-12680, CVE-2019-12681, CVE-2019-12682, CVE-2019-12683, CVE-2019-12684, CVE-2019-12685, CVE-2019-12686
SIR: High
CVSS Score v(3.0): 8.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fmc-sql-inj [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fmc-sql-inj”]
+——————————————————————–
6) Cisco FXOS Software and Firepower Threat Defense Software Command Injection Vulnerabilities
CVE-2019-12699
SIR: High
CVSS Score v(3.0): 8.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fxos-cmd-inject [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fxos-cmd-inject”]
+——————————————————————–
7) Cisco FTD, FMC, and FXOS Software Pluggable Authentication Module Denial of Service Vulnerability
CVE-2019-12700
SIR: High
CVSS Score v(3.0): 7.7
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-fpmc-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-fpmc-dos”]
+——————————————————————–
8) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability
CVE-2019-12676
SIR: High
CVSS Score v(3.0): 7.4
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos”]
+——————————————————————–
9) Cisco Adaptive Security Appliance Software SSL VPN Denial of Service Vulnerability
CVE-2019-12677
SIR: High
CVSS Score v(3.0): 7.7
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ssl-vpn-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ssl-vpn-dos”]
+——————————————————————–
10) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability
CVE-2019-12678
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos”]
+——————————————————————–
11) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability
CVE-2019-12673
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos”]
+——————————————————————–
12) Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities
CVE-2019-12674, CVE-2019-12675
SIR: High
CVSS Score v(3.0): 8.2
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-container-esc”]
+——————————————————————–
13) Multiple Cisco Unified Communications Products Cross-Site Request Forgery Vulnerability
CVE-2019-1915
SIR: High
CVSS Score v(3.0): 6.5
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-cucm-csrf [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-cucm-csrf”]
—–BEGIN PGP SIGNATURE—–
iQJ5BAEBAgBjBQJdlMmuXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfcz/FMP/0BxHc48drcVbDlaphH390IpDYKt
t0K9jcs/IAU7HvKyMzvBykroAuYzU7MvBvvTLzNdaiTVSLU+9fevsh4+hUPJ4QVO
kpELQ81mRlMLveqDQYos5le2jxf0495B4lI7BCoZr6qNz2dPvgmXAxAcONAzEi0Z
jKdvtbrgaLyokgE1tBUpu+EJlJjdUt0SqgtOIgSYUQHq0QYJviQp/AaMDqzlOpET
EKGBuCvIQzyXzJjBYR4c1eFBgxoocRerFM3zKJaP/WvmoHMm/J9nEK/83BAsQVHy
maT6+Ki4O90cJzuZZt9us7/XbYxrRrhu8iJjF4g9JLXB7nmF4Ccjww5jWhA2q17F
E6hAmzWwCVEG7tftXss/aYcM/ueXeG1wdgW8aVVkrm+WfzSjTBnMKsF00ybJGKhi
IHmJMTxJkMQ1tx2fROduEPLekY89yDBh8SgGAFPyYZb3ik2QdRbZWQixeUWwzL3e
50dj6HcVYjtDPZyhKyiPXvqAPoxuMxtUion6ZqCKc9EFOzQekYg29l4gt34FgyOF
oFdljinSfrRD8aBQitSoNFLo99ekNUlkIijSiS4FCxo+NHCk1B7bpbJ4ldoUKalX
h1sdyxMUDggXShs01l+7Q1QRyi2/feIvr+zTBV7w8OSOG2W3z2kYEpcGczt58Wrk
L+/E8njUUeSuaElW
=armZ
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com
| Autor | Josip Papratovic |
| Cert id | NCERT-REF-2019-10-0001-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | Adobe |
