- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: CIS
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2020-January-02.
The following PSIRT security advisories (1 Critical, 3 High, 1 Medium) were published at 16:00 UTC today.
Table of Contents:
1) Cisco Data Center Network Manager Authentication Bypass Vulnerabilities – SIR: Critical
2) Cisco Data Center Network Manager SQL Injection Vulnerabilities – SIR: High
3) Cisco Data Center Network Manager Path Traversal Vulnerabilities – SIR: High
4) Cisco Data Center Network Manager Command Injection Vulnerabilities – SIR: High
5) Cisco Data Center Network Manager XML External Entity Read Access Vulnerability – SIR: Medium
+——————————————————————–
1) Cisco Data Center Network Manager Authentication Bypass Vulnerabilities
CVE-2019-15975, CVE-2019-15976, CVE-2019-15977
SIR: Critical
CVSS Score v(3.0): 9.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-auth-bypass [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-auth-bypass”]
+——————————————————————–
2) Cisco Data Center Network Manager SQL Injection Vulnerabilities
CVE-2019-15984, CVE-2019-15985
SIR: High
CVSS Score v(3.0): 7.2
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-sql-inject [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-sql-inject”]
+——————————————————————–
3) Cisco Data Center Network Manager Path Traversal Vulnerabilities
CVE-2019-15980, CVE-2019-15981, CVE-2019-15982
SIR: High
CVSS Score v(3.0): 7.2
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-path-trav [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-path-trav”]
+——————————————————————–
4) Cisco Data Center Network Manager Command Injection Vulnerabilities
CVE-2019-15978, CVE-2019-15979
SIR: High
CVSS Score v(3.0): 7.2
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-comm-inject [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-comm-inject”]
+——————————————————————–
5) Cisco Data Center Network Manager XML External Entity Read Access Vulnerability
CVE-2019-15983
SIR: Medium
CVSS Score v(3.0): 4.9
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-xml-ext-entity [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-xml-ext-entity”]
—–BEGIN PGP SIGNATURE—–
iQJ5BAEBAgBjBQJeDhUmXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczuQsP/j/qYCVFWpGTWPe951X/qLscyymA
HQc/vq5bXOPioRmREpYXEfPAs3EGLAkJMwBploNixTpqeTAFh2d9yHxZSfCK8TjI
Gt7E3xuwBwwyaiGKEKetnNbXG35gsIEEdaHe4bYlf1jAld91No+IZ0o5+xWIp0YQ
h5FqzqxgZJDAmNidFIkOnoQx6YW7k9Z6vmtDwh/rK/Fy0Nes0CcOMFIVh29c4OnN
f7DdCYHzKaLwY8UUu9ykNltlDBlbyH6MXFrY0KjjLvBGcMETyFKVHu3/AJ6bZauS
Wuk40xyAqkjOPueqa5t+Nch0Ba1Hs9FMxDF8MNcEfv7UeZngdeIF6m27Q2tAhMg3
ba/mjBQVA7ec0LG/kjHgj9HqAbnFnf8mDd9GaMWyjbadLgOnlnqv2PijiWMbepo7
k2ZFWF123eaMlb0/pBNobiCaz2aKDoGudooEU/0xQuZ8t59IHVp2ZP7do5U1hvnb
YjKub4UOmw5FOiajnIGhU/L0ZA95qSNLshWR4Z0fRnoFnEZgrdDaMbnyAZ0vGWAd
wGl9y5Om4YxcE5gCD9TUnDHDzOPO8qe5MV/vk5HZvLxDVzapp1l2VuCQIrUXqJCT
yUK0dLxLg2R7Pr4eoBU67/WCTCk0i8TGe0YlKVwjvu9BCtdrGjBF1zdC+mxAH9YF
fctQ2pf+cWotpmrD
=l57u
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com
| Autor | Vlatka Misic |
| Cert id | NCERT-REF-2020-01-0001-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | Adobe |
