You are here
Home > Preporuke > RANJIVOST CISCO IOS I IOS XE SOFTVERA

RANJIVOST CISCO IOS I IOS XE SOFTVERA

  • Detalji os-a: WN7
  • Važnost: INF
  • Operativni sustavi: L
  • Kategorije: CIS

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Action Required to Secure the Cisco IOS and IOS XE Smart Install Feature

Advisory ID: cisco-sa-20180409-smi

Revision: 1.0

For Public Release: 2018 April 9 00:00 GMT

Last Updated: 2018 April 9 00:00 GMT

CVE ID(s): NA

+———————————————————————

Summary

=======

In recent weeks, Cisco has published several documents related to the Smart Install feature: one Talos blog about potential misuse of the feature if left enabled, and two Cisco Security Advisories that were included in the March 2018 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Given the heightened awareness, we want to minimize any potential confusion about exploitation attempts and clarify the verification of the feature on customer devices. As such, Cisco has attempted to consolidate all information related to the mitigation of potential Smart Install misuse or exploit of related vulnerabilities into this single document, which also notes how to properly secure devices that may be exposed and remediate the disclosed vulnerabilities.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180409-smi [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180409-smi”]

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJazAunXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczIrMQAJFGNmwl1gkuSaoF/ZUdSg1TlgR9
2g4LEcyD0gtO4dvPzizSyBtt8VTbO5fX6rulpt7yZ+dRmfS9jOtQIy8V7w/gNj3u
wVYuDaNBDjGBnnRDzGhRH3vOfjCnTQKnCscauCIXgSSgJcrVlSo+G0vKnQfiLL4U
Cd3B6rse2PE0eztTJIVbQg5Lgc+dbqIfeyh6GjT7K15iXqTMeKw3tAw8rUB6pigK
oimLe/I1nNKixl2ckjY7HFcUZNQ24me1w5DFAYiCJsQdqLVlW+hZY9TRQMCZhKAM
/Z06WHiZ83QZ1pclCqBNzR+p+7X8FLF7MyUeZJQwn599g7KWepqrqWz5C9FxYUFk
UFkczejMvIEOkS1RdlKFVnakKnpK99Pkia9YcOt8J0pR5W9R/jBnaQsSO3zjiDv6
PZZ4ZTgCT0YZej15VPXqNVeArfdQwCRR8iu79jdpgRo4GKRJd8VXmIICxiejFKsi
PuFZhMyjA0/GpjRHJjiSvuBM8XvtMAh3q4/uzOoY0kipHYJoU0iyaxIEzYJ+QUCE
v2xrvI0Y85g8i4fOKLQiL3DkHsrklgDKYfJb/ijN4NnaLtbgInTGmw3N9E7ai4u2
1i/sm/f+IW6Y+dAQmrteg2czhxfqxgF712vx/eiC65hawnUjGfR49N2VctSCl2e7
Ds79OtgR8Cxd5/4X
=VqDf
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

AutorPetar Bertok
Cert idNCERT-REF-2018-04-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci programske jezgre

Otkriveni su sigurnosni nedostaci u programskoj jezgri za operacijski sustav Red Hat. Otkriveni nedostaci potencijalnim napadačima omogućuju stjecanje viših privilegija,...

Close