- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: CIS
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2020-June-17.
The following PSIRT security advisories (1 Critical, 7 High) were published at 16:00 UTC today.
Table of Contents:
1) SaltStack FrameWork Vulnerabilities Affecting Cisco Products – SIR: Critical
2) Cisco Webex Meetings and Cisco Webex Meetings Server Token Handling Unauthorized Access Vulnerability – SIR: High
3) Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Management Interface Vulnerabilities – SIR: High
4) Cisco TelePresence Collaboration Endpoint and RoomOS Software Command Injection Vulnerability – SIR: High
5) Cisco Webex Meetings Desktop App for Mac Update Feature Code Execution Vulnerability – SIR: High
6) Cisco Webex Meetings Desktop App URL Filtering Arbitrary Program Execution Vulnerability – SIR: High
7) Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities – SIR: High
8) Cisco Small Business RV Series Routers Command Injection Vulnerabilities – SIR: High
+——————————————————————–
1) SaltStack FrameWork Vulnerabilities Affecting Cisco Products
CVE-2020-11651, CVE-2020-11652
SIR: Critical
CVSS Score v(3.1): 10.0
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG”]
+——————————————————————–
2) Cisco Webex Meetings and Cisco Webex Meetings Server Token Handling Unauthorized Access Vulnerability
CVE-2020-3361
SIR: High
CVSS Score v(3.1): 8.1
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-token-zPvEjKN [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-token-zPvEjKN”]
+——————————————————————–
3) Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Management Interface Vulnerabilities
CVE-2020-3268, CVE-2020-3269
SIR: High
CVSS Score v(3.0): 7.2
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-injection-tWC7krKQ [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-injection-tWC7krKQ”]
+——————————————————————–
4) Cisco TelePresence Collaboration Endpoint and RoomOS Software Command Injection Vulnerability
CVE-2020-3336
SIR: High
CVSS Score v(3.0): 7.2
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tp-cmd-inj-7ZpWhvZb [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tp-cmd-inj-7ZpWhvZb”]
+——————————————————————–
5) Cisco Webex Meetings Desktop App for Mac Update Feature Code Execution Vulnerability
CVE-2020-3342
SIR: High
CVSS Score v(3.0): 8.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-client-mac-X7vp65BL [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-client-mac-X7vp65BL”]
+——————————————————————–
6) Cisco Webex Meetings Desktop App URL Filtering Arbitrary Program Execution Vulnerability
CVE-2020-3263
SIR: High
CVSS Score v(3.0): 7.5
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-client-url-fcmpdfVY [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-client-url-fcmpdfVY”]
+——————————————————————–
7) Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities
CVE-2020-3286, CVE-2020-3287, CVE-2020-3288, CVE-2020-3289, CVE-2020-3290, CVE-2020-3291, CVE-2020-3292, CVE-2020-3293, CVE-2020-3294, CVE-2020-3295, CVE-2020-3296
SIR: High
CVSS Score v(3.0): 7.2
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz”]
+——————————————————————–
8) Cisco Small Business RV Series Routers Command Injection Vulnerabilities
CVE-2020-3274, CVE-2020-3275, CVE-2020-3276, CVE-2020-3277, CVE-2020-3278, CVE-2020-3279
SIR: High
CVSS Score v(3.0): 7.2
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8”]
—–BEGIN PGP SIGNATURE—–
iQJ5BAEBAgBjBQJe6j9kXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDIwLTIwMjEpIDxwc2ly
dEBjaXNjby5jb20+AAoJELm9eRtXgZjI/OMQAIDSjqkVQ71En/80Ziyg7GMNT9yF
ZM65P4Web/Nv9YOU4Dmgs6x4c3Twqz88VWZ5P8NXe8AuV5xLRYmjvF4Nm5ba0f1b
R5jGQxk6f9RfIhf79aG1HQCGJVM6Pv2nlM4mTWrcMf1BBWSrpkGtmZk78KPQVBT2
MxUdwccwpDG8RGa06Gg3DKE291tGF865KBbrk7Gdf7btCcmiadrg2RSkMiyA7YTk
3Z90oRSIoBTD0ASAPia0Tt6UZciFRfIBic5E33gMmZ/vO2Z3BpVaIEuG+xSvZMqu
49/ZztCsnSEQLLA3a//PqRXGLFDbrzJMbCioipFgc4Ov4y7a1idH212H+UJBGOOQ
ue9fEtX5guvtE3dk/LUYrhwqQ0qkpMJ8OcVb6LF6k1B9CyuvVeW17ztXywrM8nDp
bRxrwd3q8UaOab2coYfsQ21JH6f2zgZr5eIl5hzG51gf9EyXbBIJMF6+FsgaJuSr
0kCr5BCIGpqL5Idkt1EQa+WiGmAAh65p5ENFk0guTj6Dl8DQ4EAxyeuTXLDAFGod
9SNruAryKubLIWz98cOziyUICg4FjY7I2vlitN/XnFMNGf46+Tl5g52gHn2eVZ82
/Up5n1XjnCd8sS1uKku8vKCrcUX5qXn8ewXj/b8rDUuOojnvm5nTBDp2CMIK4nU5
0W65Rl+DBVFQ3yWh
=pr30
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com
| Autor | Goran Culibrk |
| Cert id | NCERT-REF-2020-06-0001-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | Adobe |
