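Cisco | Multiple Security Vulnerabilities Advisory
Published: 2020-10-22
0x00 Vulnerability Overview
On October 21, 2020, Cisco published security advisories stating that serious security vulnerabilities exist in several of its products. A total of 36 security vulnerabilities were published, of which 20 are rated High and 16 are rated Medium.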
0x01 Vulnerability Details
Of the security vulnerabilities Cisco published this time, 17 High-severity vulnerabilities involve Cisco Firepower Threat Defense (FTD), Cisco Firepower Chassis Manager (FCM) and Adaptive Security Appliance (ASA), as follows:
Cisco Security Advisory / Vulnerability Name | CVE ID | Security Impact Rating | Base Score |
cisco-sa-asaftd-dos-QFcNEPfx Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability | CVE-2020-3554 | High | 8.6 |
cisco-sa-asaftd-frag-memleak-mCtqdP9n | CVE-2020-3373 | High | 8.6 |
cisco-sa-asaftd-ospflls-37Xy2q6r | CVE-2020-3528 | High | 8.6 |
cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx | CVE-2020-3529 | High | 8.6 |
cisco-sa-asa-ftd-tcp-dos-N3DMnU4T | CVE-2020-3572 | High | 8.6 |
cisco-sa-asaftd-webdos-fBzM5Ynw | CVE-2020-3304 | High | 8.6 |
cisco-sa-asaftd-fileup-dos-zvC7wtys | CVE-2020-3436 | High | 8.6 |
cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy | CVE-2020-3562 | High | 8.6 |
cisco-sa-ftd-icmp-dos-hxxcycM | CVE-2020-3571 | High | 8.6 |
cisco-sa-ftdfmc-dirtrav-NW8XcuSB | CVE-2020-3550 | High | 8.1 |
cisco-sa-ftdfmc-sft-mitm-tc8AzFs2 | CVE-2020-3549 | High | 8.1 |
cisco-sa-fmc-cacauthbyp-NCLGZm3Q | CVE-2020-3410 | High | 8.1 |
cisco-sa-ftdfmc-dos-NjYvDcLA | CVE-2020-3499 | High | 8.6 |
cisco-sa-ftd-inline-dos-nXqUyEqM | CVE-2020-3577 | High | 7.4 |
cisco-sa-ftd-container-esc-FmYqFBQV | CVE-2020-3514 | High | 8.2 |
cisco-sa-ftd-snmp-dos-R8ENPbOs | CVE-2020-3533 | High | 8.6 |
cisco-sa-ftd-tcp-dos-GDcZDqAf | CVE-2020-3563 | High | 8.6 |
Some of the serious vulnerabilities:
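Cisco FXOS FCM Cross-Site Request Forgery Vulnerability (CVE-2020-3456)
This is a vulnerability in the Cisco Firepower Chassis Manager (FCM) of the Cisco Firepower Extensible Operating System (FXOS). It is caused by insufficient CSRF protection on the FCM interface. An attacker can carry out a cross-site request forgery (CSRF) attack by persuading a targeted user to click a malicious link.
An attacker who successfully exploits this vulnerability can send arbitrary requests, which may include operations that the targeted user has not authorized.
Affected scope:
Firepower 2100 Series devices operating as ASA devices in non-appliance mode
Firepower 4100 Series devices
Firepower 9300 Series devices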
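Cisco FMC Denial of Service Vulnerability (CVE-2020-3499)
This is a vulnerability in the licensing service of Cisco Firepower Management Center (FMC). It is caused by the affected system's improper handling of resource values. A remote attacker can exploit it to cause a denial of service (DoS).
An attacker can exploit this vulnerability by sending malicious requests to the targeted system. A successful exploit could cause the affected system to stop responding.
Affected scope:
Cisco FMC running on any Cisco device that uses connection licensing.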
Cisco FTD TCP Flood Denial of Service Vulnerability (CVE-2020-3563)
This is a vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD). It is caused by inefficient memory management. A remote attacker can exploit it to cause a denial of service (DoS).
An attacker exploits this vulnerability by sending a large number of TCP packets to a specific port on an affected device. A successful exploit could exhaust system memory, causing the device to reload.
Affected scope:
FTD 6.2.3 and earlier versions
FTD 6.3.0 - FTD 6.6.0
0x02 Remediation Recommendations
Refer to the remediation guidance published by the vendor and upgrade to a fixed version promptly.
0x03 Reference Links
https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities
https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74302&vs_f=Cisco%20Event%20
https://threatpost.com/cisco-dos-flaws-network-security-software/160414/
https://software.cisco.com/download/find
0x04 Timeline
2020-10-21 Cisco published the security advisories
2020-10-22 VSRC published this security advisory
0x05 Appendix
CVSS scoring standard official site: http://www.first.org/cvss/