CMÀÇ Á¤º¸¸¦ ¿¢¼¼½ºÇϰųª Á¶ÀÛÇÒ ¼ö ÀÖ´Â Ãë¾àÁ¡
[º¸¾È´º½º ±èÅÂÇü] ½Ã½ºÄÚ´Â Unified CM(Unified Communications Manager)¿¡ ¿µÇâÀ» ÁÖ´Â ´ÙÁß Ãë¾àÁ¡À» ÇØ°áÇÑ º¸¾È ¾÷µ¥ÀÌÆ®¸¦ ¹ßÇ¥Çß´Ù.
ÀÌ Ãë¾àÁ¡Àº ¡âSQL Injection Ãë¾àÁ¡(CVE-2013-3404, CVE-2013-3412) ¡âCommand injection Ãë¾àÁ¡(CVE-2013-3402) ¡â±ÇÇÑ»ó½Â Ãë¾àÁ¡(CVE-2013-3403, CVE-2013-3434, CVE-2013-3433) µîÀÌ´Ù.
°ø°ÝÀÚ´Â ÀÌ Ãë¾àÁ¡À» ¾Ç¿ëÇØ ÅëÇÕ CMÀÇ Á¤º¸¸¦ ¿¢¼¼½ºÇϰųª Á¶ÀÛÇÒ ¼ö ÀÖÀ¸¹Ç·Î, ÃֽŹöÀüÀ¸·Î ¾÷µ¥ÀÌÆ®ÇØ¾ß ÇÑ´Ù.
¿µÇâ ¹Þ´Â Á¦Ç°
- Cisco Unified Communications Manager 7.1(x)
- Cisco Unified Communications Manager 8.5(x)
- Cisco Unified Communications Manager 8.6(x)
- Cisco Unified Communications Manager 9.0(x)
- Cisco Unified Communications Manager 9.1(x)
ÀÌ¿¡ ´ëÇÑ ÇØ°á¹æ¾ÈÀº Ãë¾àÇÑ Á¦Ç°ÀÇ ¿î¿µÀÚµéÀº À¯Áöº¸¼ö ¾÷ü¸¦ ÅëÇØ ÆÐÄ¡¸¦ Àû¿ëÇØ¾ß ¾ÈÀüÇÏ´Ù.
Âü°í»çÀÌÆ®
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-cucm
[±èÅÂÇü ±âÀÚ(boan@boannews.com)]
<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(www.boannews.com) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>