- Detalji os-a: WN7
- Važnost: URG
- Operativni sustavi: L
- Kategorije: CIS
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2020-July-15.
The following PSIRT security advisories (5 Critical, 11 High) were published at 16:00 UTC today.
Table of Contents:
1) Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability – SIR: Critical
2) Cisco RV110W and RV215W Series Routers Arbitrary Code Execution Vulnerability – SIR: Critical
3) Cisco Small Business RV110W Wireless-N VPN Firewall Static Default Credential Vulnerability – SIR: Critical
4) Cisco RV110W, RV130, RV130W, and RV215W Routers Authentication Bypass Vulnerability – SIR: Critical
5) Cisco Prime License Manager Privilege Escalation Vulnerability – SIR: Critical
6) Cisco SD-WAN vManage Software Command Injection Vulnerability – SIR: High
7) Cisco SD-WAN Solution Software Denial of Service Vulnerability – SIR: High
8) Cisco SD-WAN vManage Software Remote Code Execution Vulnerability – SIR: High
9) Cisco SD-WAN vEdge Routers Denial of Service Vulnerability – SIR: High
10) Cisco SD-WAN vManage Software Directory Traversal Vulnerability – SIR: High
11) Cisco SD-WAN vEdge Routers Denial of Service Vulnerability – SIR: High
12) Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability – SIR: High
13) Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Remote Code Execution and Denial of Service Vulnerability – SIR: High
14) Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Command Shell Injection Vulnerability – SIR: High
15) Cisco SD-WAN Solution Software Static Credentials Vulnerability – SIR: High
16) Cisco RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Multiple Vulnerabilities – SIR: High
+——————————————————————–
1) Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability
CVE-2020-3323
SIR: Critical
CVSS Score v(3.0): 9.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-AQKREqp [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-AQKREqp”]
+——————————————————————–
2) Cisco RV110W and RV215W Series Routers Arbitrary Code Execution Vulnerability
CVE-2020-3331
SIR: Critical
CVSS Score v(3.0): 9.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-code-exec-wH3BNFb [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-code-exec-wH3BNFb”]
+——————————————————————–
3) Cisco Small Business RV110W Wireless-N VPN Firewall Static Default Credential Vulnerability
CVE-2020-3330
SIR: Critical
CVSS Score v(3.0): 9.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv110w-static-cred-BMTWBWTy [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv110w-static-cred-BMTWBWTy”]
+——————————————————————–
4) Cisco RV110W, RV130, RV130W, and RV215W Routers Authentication Bypass Vulnerability
CVE-2020-3144
SIR: Critical
CVSS Score v(3.0): 9.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-auth-bypass-cGv9EruZ [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-auth-bypass-cGv9EruZ”]
+——————————————————————–
5) Cisco Prime License Manager Privilege Escalation Vulnerability
CVE-2020-3140
SIR: Critical
CVSS Score v(3.0): 9.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-prime-priv-esc-HyhwdzBA [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-prime-priv-esc-HyhwdzBA”]
+——————————————————————–
6) Cisco SD-WAN vManage Software Command Injection Vulnerability
CVE-2020-3388
SIR: High
CVSS Score v(3.0): 7.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clibypvman-sKcLf2L [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clibypvman-sKcLf2L”]
+——————————————————————–
7) Cisco SD-WAN Solution Software Denial of Service Vulnerability
CVE-2020-3351
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-dos-KWOdyHnB [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-dos-KWOdyHnB”]
+——————————————————————–
8) Cisco SD-WAN vManage Software Remote Code Execution Vulnerability
CVE-2020-3387
SIR: High
CVSS Score v(3.0): 7.5
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanrce-4jtWT28P [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanrce-4jtWT28P”]
+——————————————————————–
9) Cisco SD-WAN vEdge Routers Denial of Service Vulnerability
CVE-2020-3385
SIR: High
CVSS Score v(3.0): 7.4
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vedgfpdos-PkqQrnwV [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vedgfpdos-PkqQrnwV”]
+——————————————————————–
10) Cisco SD-WAN vManage Software Directory Traversal Vulnerability
CVE-2020-3381
SIR: High
CVSS Score v(3.0): 8.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmdirtrav-eFdAxsJg [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmdirtrav-eFdAxsJg”]
+——————————————————————–
11) Cisco SD-WAN vEdge Routers Denial of Service Vulnerability
CVE-2020-3369
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fpdos-hORBfd9f [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fpdos-hORBfd9f”]
+——————————————————————–
12) Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability
CVE-2020-3358
SIR: High
CVSS Score v(3.1): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-dos-ZN5GvNH7 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-dos-ZN5GvNH7”]
+——————————————————————–
13) Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Remote Code Execution and Denial of Service Vulnerability
CVE-2020-3357
SIR: High
CVSS Score v(3.1): 9.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rce-dos-9ZAjkx4 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rce-dos-9ZAjkx4”]
+——————————————————————–
14) Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Command Shell Injection Vulnerability
CVE-2020-3332
SIR: High
CVSS Score v(3.0): 8.1
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmd-shell-injection-9jOQn9Dy [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmd-shell-injection-9jOQn9Dy”]
+——————————————————————–
15) Cisco SD-WAN Solution Software Static Credentials Vulnerability
CVE-2020-3180
SIR: High
CVSS Score v(3.0): 8.4
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdscred-HfWWfqBj [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdscred-HfWWfqBj”]
+——————————————————————–
16) Cisco RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Multiple Vulnerabilities
CVE-2020-3145, CVE-2020-3146
SIR: High
CVSS Score v(3.0): 8.8
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-m4FEEGWX [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-m4FEEGWX”]
—–BEGIN PGP SIGNATURE—–
iQKDBAEBAgBtBQJfDyiVZhxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDIwLTIwMjEgW3JlZnJl
c2hdKSA8cHNpcnRAY2lzY28uY29tPgAKCRCbFvaOC+BFegCND/kBZ1uXA9OFYJTl
NHRxwpNkfWP7CjjzDjO2LlIHjwEZXgrbILaJtXbquku9uz077tyBJrnqDqepDBYH
ZG3L43XLf8d4KjlWYVbbEfgDzOnbbztZTsTbpIjsPrdWBbWN2rouSDpNy9TxCpjU
o5m0V5Bw6rYOVwxU08S5sASTnC4ZIYTcdos7BSgc8NeoMveXyxxJYMd9a7ujRhFT
kS8CdqOFLm2M8QEJ9wYtsdLRqx9GAosJr4OSNHdl81op0A+yB0GTk5mLl9+qS5Nu
F6MvwWX3VJ7HS3lMmBneFvO1Wl+pSwpRfa76Jky1FrK/WTfbrCvpBngwVWWXQJQY
BfUCkvDYtiNHIxpfGecx6DDe+DFajG//Yry/flvGt40FHz+Mq3S7yTj/oWxcq3fI
cNbxUb1dfygIPCusEOnXSPjRrIl5CdFYUooGuY537B8IdPkv00sOU05Vm2cfThKE
wZR8gVMpP7ChnVub+lwSftkqIFxPBcbxEXZKdyt48duXLLsSd68N21/Ap84p7mzO
W4xUrYZZhXUPPdtR7V7pcjLuP68qFP1gWFV4T21CKN52EUpA8sAgWg6XXqjOq8tR
QHfqPlP3SKhPglaiH8rcA4bNDTfudcGY1VXyHoq74qqybDqHyIoJD998Xi17j2sa
9BB9N7wgMg0h7sibrh+jVoctTgIJbA==
=B648
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com
| Autor | Filip Omazic |
| Cert id | NCERT-REF-2020-07-0001-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | Adobe |
