9VSA21-00487-01 CSIRT alerta ante vulnerabilidades en productos de Cisco

Resumen

El Equipo de Respuesta ante Incidentes de Seguridad Informática del Gobierno de Chile, CSIRT de Gobierno, comparte información sobre vulnerabilidades en productos de Cisco, incluyendo algunas de alto riesgo.

Este informe incluye las medidas de mitigación, consistentes en instalar la última actualización de los productos afectados.

Vulnerabilidades

CVE-2019-1727

CVE-2021-1518

CVE-2021-1578

CVE-2021-1579

CVE-2021-1580

CVE-2021-1581

CVE-2021-1582

CVE-2021-1587

CVE-2021-1588

CVE-2021-1590

CVE-2021-1591

CVE-2021-1592

CVE-2021-22156

CVE-2021-34732

CVE-2021-34733

CVE-2021-34746

CVE-2021-34759

CVE-2021-34765

Impactos

Nivel de riesgo crítico:

CVE-2021-34746: Vulnerabilidad de evasión de autenticación en Cisco Enterprise NFV Infrastructure Software.

CVE-2021-22156: Vulnerabilidad de desbordamiento de enteros en software de BlackBerry: QNX SDP 6.5.0SP1 y anteriores, QNX OS for Medical 1.1 y anteriores y QNX OS for Safety 1.0.1 y anteriores.

Nivel de riesgo alto:

CVE-2021-1578: Vulnerabilidad de Escalamiento de privilegios en Cisco Application Policy Infrastructure Controlle.

CVE-2021-1579: Vulnerabilidad de Escalamiento de privilegios en Cisco Application Policy Infrastructure Controller App.

CVE-2021-1587: Vulnerabilidad de Denegación de servicio en la función OAM de VXLAN en Cisco NX-OS.

CVE-2021-1588: Vulnerabilidad de Denegación de servicio en la función OAM de MPLS en Cisco NX-OS.

Productos Afectados

Cisco Nexus 9500 Series.

Cisco UCS 6400 Series Fabric Interconnects si están corriendo una version vulnerable del Cisco UCS Manager software.

Nexus 3000 Series Switches, Nexus 7000 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, si corren una version vulnerable de Cisco NX-OS y tienen la función MPLS OAM activada.

Nexus 3000 Series Switches y Nexus 9000 Series Switches si corren una version vulnerable de Cisco NX-OS y tienen la función NGOAM activada.

QNX SDP 6.5.0SP1 y anteriores, QNX OS for Medical 1.1 y anteriores y QNX OS for Safety 1.0.1 y anteriores

Cisco Nexus Insights.

Cisco Identity Services Engine (ISE)

Cisco Prime Collaboration Provisioning

Cisco Prime Infrastructure

Cisco Evolved Programmable Network Manager

Cisco Enterprise NFV Infrastructure Software (NFVIS)

Cisco Firepower Device Manager (FDM)

Cisco NX-OS Software

Cisco Application Policy Infrastructure Controller (APIC)

Cisco Cloud APIC

Mitigación

Instalar las respectivas actualizaciones entregadas por el proveedor.

Enlaces

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nexus-acl-vrvQYPVe

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-login-blockfor-RwjGVEcu

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-ssh-dos-MgvmyrQy

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-chvul-CKfGYBh8

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-pesc-pkmGK4J

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-mpls-oam-dos-sGO9x5GM

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ngoam-dos-LTDb9Hv

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-insight-infodis-2By2ZpBB

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-4HnZFewr

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-prime-collab-xss-fQMDE5GO

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-prime-info-disc-nTU9FJ2

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nfvis-g2DMVVh

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fdm-rce-Rx6vVurq

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-pyth-escal

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-mdvul-HBsJBuvW
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-scss-bFT75YrM

https://cve.mitre.org/cgi-bin/cvename.cgi?name=

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1727

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1518

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1578

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1579

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1580

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1581

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1582

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1587

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1588

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1590

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1591

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1592

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22156

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34732

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34733

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34746

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34759

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34765

Informe

El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace 9VSA21-00487-01.

9VSA21-00487-01 CSIRT alerta ante vulnerabilidades en productos de Cisco