2017-05-19
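▷ Overview
- Cisco has released security updates that resolve vulnerabilities affecting its products
- Attackers can exploit these vulnerabilities to cause damage such as XSS and information disclosure, so updating to the latest version is recommended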
▷ Details
- SSL logging denial-of-service vulnerability in Cisco FirePOWER System Software (CVE-2017-6632)
- CSRF vulnerability in Cisco Industrial Ethernet 1000 Series Switches Device Manager (CVE-2017-6634)
- Denial-of-service vulnerability in the Cisco Identity Services Engine GUI (CVE-2017-6653)
- Command injection vulnerabilities in the Cisco Nexus 5000 Series Switches CLI and Telnet CLI (CVE-2017-6649, CVE-2017-6650)
- Authentication bypass, arbitrary file deletion, and information disclosure vulnerabilities arising through direct object references in Cisco Prime Collaboration Provisioning (CVE-2017-6621, CVE-2017-6622, CVE-2017-6635, CVE-2017-6636, CVE-2017-6637)
- Denial-of-service and information disclosure vulnerabilities in Cisco Remote Expert Manager (CVE-2017-6641, CVE-2017-6642, CVE-2017-6643, CVE-2017-6644, CVE-2017-6645, CVE-2017-6646, CVE-2017-6647)
- Denial-of-service vulnerability in the Cisco IP Phone 8851 Session Initiation Protocol (CVE-2017-6630)
- XSS vulnerability in Cisco Unified Communications Manager (CVE-2017-6654)
- Denial-of-service vulnerability in the Cisco UCS C-Series Rack Servers TCP port (CVE-2017-6633)
- Privilege escalation vulnerability in Cisco Policy Suite (CVE-2017-6623)
- Direct object reference vulnerability in Cisco TelePresence IX5000 Series (CVE-2017-6652)
▷ Affected Products and Versions
- Identify vulnerable products from the ‘Affected Products’ section of each advisory listed under the references
▷ Solution
- Operators of Cisco devices running the affected Cisco software should review the ‘Affected Products’ section of the relevant advisory and apply the patches
▷ References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-fpwr
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ie1000csrf
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ise
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss1
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp2
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp3
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp4
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp5
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem1
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem2
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem3
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem4
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem5
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem6
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem7
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-sip
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucm
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucsc
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-cps
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-telepresence-ix5000