[º¸¾È´º½º ±è°æ¾Ö ±âÀÚ] ½Ã½ºÄÚ(Cisco)¿¡¼ ¼ºñ½º °ÅºÎ Ãë¾àÁ¡À» ºñ·ÔÇØ ±ÇÇÑ »ó½Â Ãë¾àÁ¡, ¿ø°ÝÄÚµå ½ÇÇà Ãë¾àÁ¡ µî ÀÚ»ç Á¦Ç°¿¡ ´Ù¼öÀÇ Ãë¾àÁ¡ÀÌ ¹ß°ßµÆ´Ù¸ç º¸¾È ¾÷µ¥ÀÌÆ®¸¦ °øÁöÇß´Ù. °ø°ÝÀÚ´Â ÇØ´ç Ãë¾àÁ¡À» ÀÌ¿ëÇØ ÇÇÇظ¦ ¹ß»ý½Ãų ¼ö ÀÖÀ¸¹Ç·Î, ÆÐÄ¡ Àû¿ë°ú ÇÔ²² º¸¾È¿¡ °¢º°È÷ ½Å°æ½á¾ß ÇÑ´Ù.
[À̹ÌÁö=½Ã½ºÄÚ »çÀÌÆ® ĸó ȸé]
À̹ø¿¡ ¹ß°ßµÈ Ãë¾àÁ¡Àº ¡âCisco Wireless LAN ControllorÀÇ 802.11v BSS(Basic Service Set) Àüȯ °ü¸® ÆÐŶ¿¡¼ ÀÔ·Â À¯È¿¼º °ËÁõ ¹ÌÈíÀ¸·Î ¹ß»ýÇÏ´Â ¼ºñ½º °ÅºÎ Ãë¾àÁ¡(CVE-2017-12275)[1]
¡âCisco Wireless LAN ControllorÀÇ SNMP(Simple Network Management Protocol)¿¡¼ ¹ß»ýÇÏ´Â ¼ºñ½º °ÅºÎ Ãë¾àÁ¡(CVE-2017-12278) [2]
¡âCisco ISE(Identity Services Engine)¿¡¼ ¹ß»ýÇÏ´Â ±ÇÇÑ »ó½Â Ãë¾àÁ¡(CVE-2017-12261) [3]
¡âCisco Firepower 4100 Series NGFW ¹× Firepower 9300 Security Appliance Smart ¡âLicensing¿¡¼ ¹ß»ýÇÏ´Â ¿ø°Ý ÄÚµå ½ÇÇà Ãë¾àÁ¡(CVE-2017-12277) [4]
¡âCisco Prime Collaboration Provisioning ¾îÇø®ÄÉÀ̼ǿ¡¼ ÀÔ·Â °ª °ËÁõ ¹ÌÈíÀ¸·Î ¹ß»ýÇÏ´Â SQL ÀÎÁ§¼Ç Ãë¾àÁ¡(CVE-2017-12276) [5]
¡âCisco APIC-EM(Application Policy Infrastructure Controller Enterprise Module)ÀÇ ¹æȺ®¿¡¼ ¹ß»ýÇÏ´Â ±ÇÇÑ ¿ìȸ Ãë¾àÁ¡(CVE-2017-12262) [6]
¡âCisco Aironet 1560, 2800 ¹× 3800 Series ¾×¼¼½º Æ÷ÀÎÆ®¿¡ ´ëÇÑ EAP(Extensible Authentication Protocol) ¼ö½Å ÇÁ·¹ÀÓ Ã³¸® ¹ÌÈíÀ¸·Î ¹ß»ýÇÏ´Â ¼ºñ½º °ÅºÎ Ãë¾àÁ¡(CVE-2017-12274)[7]
¡âCisco Aironet 1560, 2800 ¹× 3800 Series ¾×¼¼½º Æ÷ÀÎÆ®¿¡ ´ëÇÑ 802.11 ¿¬°á ¿äû ÇÁ·¹ÀÓ Ã³¸® ¹ÌÈíÀ¸·Î ¹ß»ýÇÏ´Â ¼ºñ½º °ÅºÎ Ãë¾àÁ¡(CVE-2017-12273)[8]ÀÌ´Ù.
¿µÇâÀ» ¹Þ´Â Á¦Ç° ¹× ¹öÀüÀº Âü°í»çÀÌÆ®¿¡ ¸í½ÃµÇ¾î ÀÖ´Â ¡®Affected Products¡¯À» ÅëÇØ Ãë¾àÇÑ Á¦Ç°À» È®ÀÎÇÒ ¼ö ÀÖ´Ù. µû¶ó¼ Ãë¾àÁ¡ÀÌ ¹ß»ýÇÑ Cisco ¼ÒÇÁÆ®¿þ¾î°¡ ¼³Ä¡µÈ Cisco ÀåºñÀÇ ¿î¿µÀÚ´Â ÆÐÄ¡¸¦ Àû¿ëÇØ¾ß ÇÑ´Ù.
Á»´õ ÀÚ¼¼ÇÑ »çÇ×Àº Çѱ¹ÀÎÅͳÝÁøÈï¿ø ÀÎÅͳÝħÇØ´ëÀÀ¼¾ÅÍ(±¹¹ø¾øÀÌ 118)¸¦ ÅëÇØ ¹®ÀÇÇÏ¸é µÈ´Ù.
[Âü°í»çÀÌÆ®]
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-wlc2
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-wlc1
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-ise
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-fpwr
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-cpcp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-apicem
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-aironet2
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-aironet1
[±è°æ¾Ö ±âÀÚ(boan3@boannews.com)]
<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(www.boannews.com) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>