Vulnérabilités affectant plusieurs produits de Cisco

Titre	Vulnérabilités affectant plusieurs produits de Cisco
Numéro de Référence	Numéro de Référence 40952303/23
Date de publication	Date de publication 23 mars 2023
Niveau de Risque	Niveau de Risque Modéré
Niveau d'Impact	Niveau d'Impact Important

Systèmes affectés:

Cisco IOS XE Software
Cisco DNA Center
Cisco IOS XE SD-WAN Software
Cisco IOS XE Software for Wireless Association
Cisco Access Point Software
Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches
Cisco IOS XE Software for Wireless LAN Controllers
Cisco SD-WAN vManage Software
Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software
Cisco Access Point Software

Identificateurs externes:

CVE-2023-20072 CVE-2023-20027 CVE-2023-20080 CVE-2023-20065 CVE-2023-20055 CVE-2023-20035 CVE-2023-20067 CVE-2023-20112 CVE-2023-20082 CVE-2023-20066 CVE-2023-20056 CVE-2023-20100 CVE-2023-20113 CVE-2023-20081 CVE-2023-20107 CVE-2023-20097 CVE-2023-20059 CVE-2023-20029

Bilan de la vulnérabilité:

Cisco annonce la correction de plusieurs vulnérabilités affectant certaines versions de ses produits susmentionnés. L'exploitation de ces vulnérabilités peut permettre à un attaquant distant d’injecter des commandes, d’élever ses privilèges, de contourner des mesures de sécurité, d’accéder à des données confidentielles ou de causer un déni de service.

Solution:

Veuillez se référer aux bulletins de sécurité de Cisco pour mettre à jours vos équipements.

Risque:

Injection de commandes
Elévation de privilège
Contournement de mesures de sécurité
Accès à des données confidentielles
Déni de service

Annexe:

Bulletins de sécurité de Cisco :

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosgre-crash-p6nE5Sq5
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-saipv4-vfr-dos-CXxtFacb
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosdhcpv6-dos-44cMvdDK
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxpriv-escalate-Xg8zkyPk
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sadnac-privesc-QFXe74RS
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwan-VQAhEjYw
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-saewlc-dos-wFujBHKw
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apassoc-dos-D2SunWK2
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sac9300-spi-ace-yejYgnNQ
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sawebui-pthtrv-es7GSb9V
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apcli-dos-tc2EKEpu
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sac9800-apjoin-dos-nXRHkt5
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-savman-csrf-76RDbLEh
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-saasaftdios-dhcpv6-cli-Zf3zTv
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-saasa5500x-entropy-6v9bHVYP
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-saaironetap-cmdinj-6bjT4FL8
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sadnac-infodisc-pe7zAbdR
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-saiosxe-priv-esc-sABD8hcU

Brochure:

vulnerabilites_affectant_plusieurs_produits_de_cisco.pdf1_.pdf