| 影響系
統: |
- IP Conference Phone 7832
- IP Conference Phone 7832 with Multiplatform Firmware
- IP Conference Phone 8832
- IP Conference Phone 8832 with Multiplatform Firmware
- IP Phone 6821, 6841, 6851, 6861, 6871 with Multiplatform
Firmware
- IP Phone 7811, 7821, 7841, 7861 Desktop Phones
- IP Phone 7811, 7821, 7841, 7861 Desktop Phones with
Multiplatform Firmware
- IP Phone 8811, 8841, 8851, 8861, 8845, 8865 Desktop Phones
- IP Phone 8811, 8841, 8851, 8861, 8845, 8865 Desktop Phones
with Multiplatform Firmware
- Unified IP Conference Phone 8831
- Unified IP Conference Phone 8831 for Third-Party Call
Control
- Wireless IP Phone 8821, 8821-EX
- Nexus 3000 Series Switches
- Nexus 5500 Platform Switches
- Nexus 5600 Platform Switches
- Nexus 6000 Series Switches
- Nexus 9000 Series Fabric Switches in Application Centric
Infrastructure (ACI) mode
- Nexus 9000 Series Switches in standalone NX-OS mode
- UCS 6200 Series Fabric Interconnects
- UCS 6300 Series Fabric Interconnects
- UCS 6400 Series Fabric Interconnects
- Video Surveillance 3000 Series IP Cameras
- Video Surveillance 4000 Series High-Definition IP Cameras
- Video Surveillance 4300E and 4500E High-Definition IP
Cameras
- Video Surveillance 6000 Series IP Cameras
- Video Surveillance 7000 Series IP Cameras
- Video Surveillance PTZ IP Cameras
- ASR 9000 Series Aggregation Services Routers
- Carrier Routing System (CRS)
- IOS XRv 9000 Router
- Network Convergence System (NCS) 540 Series Routers
- Network Convergence System (NCS) 560 Series Routers
- Network Convergence System (NCS) 1000 Series Routers
- Network Convergence System (NCS) 5000 Series Routers
- Network Convergence System (NCS) 5500 Series Routers
- Network Convergence System (NCS) 6000 Series Routers
- ASR 9000 Series Aggregation Services Routers
- Carrier Routing System (CRS)
- Firepower 4100 Series
- Firepower 9300 Security Appliances
- IOS XRv 9000 Router
- MDS 9000 Series Multilayer Switches
- Network Convergence System (NCS) 540 Series Routers
- Network Convergence System (NCS) 560 Series Routers
- Network Convergence System (NCS) 1000 Series
- Network Convergence System (NCS) 5000 Series
- Network Convergence System (NCS) 5500 Series
- Network Convergence System (NCS) 6000 Series
- Nexus 1000 Virtual Edge for VMware vSphere
- Nexus 1000V Switch for Microsoft Hyper-V
- Nexus 1000V Switch for VMware vSphere
- Nexus 3000 Series Switches
- Nexus 5500 Platform Switches
- Nexus 5600 Platform Switches
- Nexus 6000 Series Switches
- Nexus 7000 Series Switches
- Nexus 9000 Series Fabric Switches in Application Centric
Infrastructure (ACI) mode
- Nexus 9000 Series Switches in standalone NX-OS mode
- UCS 6200 Series Fabric Interconnects
- UCS 6300 Series Fabric Interconnects
- UCS 6400 Series Fabric Interconnects
|
| 細節描
述: |
Cisco IP Phone Cisco Discovery Protocol 輸入驗證錯誤弱點
- 該弱點是由於網路系統或產品未對輸入的資料進行正確的驗證,攻擊者可以通過向目標IP電話發送精心製作的CDP封包來利用此弱
點,成功的利用可能使攻擊者能夠以root權限遠程執行程式碼或導致重新加載受影響的IP電話,從而導致阻斷服務(DoS)狀態。
Cisco NX-OS Software Cisco Discovery Protocol 緩存區錯誤弱點
- 該弱點是由於網路系統或產品在記憶體上執行時,未正確驗證邊界檢查,導致向其它關聯的記憶體上執行了錯誤的讀寫操作,攻擊者可利
用該弱點導致緩存區溢出等,攻擊者可以通過將惡意的CDP封包發送到受影響的設備來利用此弱點,成功的利用可能使攻擊者導致堆疊溢位,這可能使攻擊者可以
在受影響的設備上以管理權限執行任意任意程式碼。
Cisco Video Surveillance 8000 Series IP Cameras Cisco
Discovery Protocol 輸入驗證錯誤弱點
- 該弱點是由於網路系統或產品未對輸入的資料進行正確的驗證,攻擊者可以通過向目標IP攝影機發送惡意的CDP封包來利用此弱點,
成功利用此弱點可能使攻擊者以執行遠端程式碼於受影響的IP攝影機,或使其意外重新加載,從而導致阻斷服務(DoS)狀態。
Cisco IOS XR Cisco Discovery Protocol 格式化字符串錯誤弱點
- 該弱點是由於網路系統或產品接收外部格式化字符串作為參數時,對參數類型、數量等過濾不嚴謹,攻擊者可以通過將惡意的CDP封包
發送到受影響的設備來利用此弱點,成功的利用可能使攻擊者導致堆疊溢位,這可能使攻擊者可以在受影響的設備上以管理權限執行任意程式碼。
Cisco FXOS、Cisco IOS XR、Cisco NX-OS Cisco Discovery Protocol
輸入驗證錯誤弱點
- 該弱點是由於網路系統或產品未對輸入的資料進行正確的驗證,受影響的軟體CDP缺少檢查所致,攻擊者可以通過將惡意的CDP封包
發送到受影響的設備來利用此弱點,成功利用弱點可能使攻擊者耗盡系統記憶體,從而導致設備重新加載。
|