Cisco多个产品本地未授权访问漏洞(CVE-2017-12239)
受影响系统:
Cisco ASR 1000
描述:BUGTRAQ ID: 101042
CVE(CAN) ID: CVE-2017-12239
Cisco是互联网解决方案提供商。
Cisco ASR 1000 Series Aggregation Services Routers/Cisco cBR-8 Converged Broadband Routers在主板控制台端口中存在安全漏洞,可使未经身份验证的攻击者访问受影响设备操作系统。
<*来源:Cisco
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-cc
*>
建议:厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20170927-cc)以及相应补丁:
cisco-sa-20170927-cc:Cisco IOS XE Software for Cisco ASR 1000 Series and cBR-8 Routers Line Card Console Access Vulnerability
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-cc