½Ã½ºÄÚ SW ¼³Ä¡µÈ ½Ã½ºÄÚ ÀåºñÀÇ ¿î¿µÀÚ, ¡®Fixed Releases¡¯ ³»¿ë È®ÀÎÈÄ ÆÐÄ¡ Àû¿ëÇؾß
[º¸¾È´º½º ±è°æ¾Ö ±âÀÚ] ½Ã½ºÄÚ¿¡¼ °ø°ÝÀÚ°¡ ÀúÀå¼Ò¸¦ ÀÓÀÇ·Î ¼öÁ¤ÇÒ ¼ö ÀÖ´Â µî ´Ù¼öÀÇ Ãë¾àÁ¡ÀÌ ¹ß°ßµÆ´Ù. °ø°ÝÀÚ°¡ Ãë¾àÁ¡À» ÀÌ¿ëÇØ ÇÇÇظ¦ ¹ß»ý½Ãų ¼ö ÀÖ´Â ¸¸Å ½Ã½ºÄÚ ÀÌ¿ëÀÚ´Â ÃֽŹöÀüÀ¸·Î ¾÷µ¥ÀÌÆ® ÇÏ´Â °ÍÀÌ ¹Ù¶÷Á÷ÇÏ´Ù.
[À̹ÌÁö=½Ã½ºÄÚ È¨ÆäÀÌÁö]
À̹ø¿¡ ¹ß°ßµÈ Ãë¾àÁ¡Àº ´ÙÀ½°ú °°´Ù.
¡âCisco Policy SuiteÀÇ Policy Builder¿¡¼ ÀÎÁõ±â´É ¹ÌÈíÀ¸·Î °ø°ÝÀÚ°¡ ÀúÀå¼Ò¸¦ ÀÓÀÇ·Î ¼öÁ¤ÇÒ ¼ö ÀÖ´Â Ãë¾àÁ¡(CVE-2018-0376)[1]
¡âCisco Policy SuiteÀÇ Open Systems Gateway initiative (OSGi) interface¿¡¼ ÀÎÁõ±â´É ¹ÌÈíÀ¸·Î ÀÎÇØ ÀÓÀÇÆÄÀÏ¿¡ Á¢±Ù¡¤¼öÁ¤ÀÌ °¡´ÉÇÑ Ãë¾àÁ¡(CVE-2018-0377)[2]
¡âCisco Policy SuiteÀÇ Policy Builder¿¡¼ ÀÎÁõ±â´É ¹ÌÈíÀ¸·Î °ø°ÝÀÚ°¡ ÀÓÀÇÆÄÀÏ¿¡ Á¢±Ù¡¤¼öÁ¤ÀÌ °¡´ÉÇÑ Ãë¾àÁ¡(CVE-2018-0374)[3]
¡âCisco Policy SuiteÀÇ Cluster Manager¿¡¼ µî·ÏµÇÁö ¾ÊÀº »ç¿ëÀÚ°¡ ÃÖ°í °ü¸®ÀÚ °èÁ¤(root)¿¡ ´ëÇØ ÀÚ°ÝÀ» °¡Á® ÀÓÀÇÄÚµå ½ÇÇàÀÌ °¡´ÉÇÑ Ãë¾àÁ¡(CVE-2018-0375)[4]
¡âCisco Webex Network Recording Player¿¡¼ »ç¿ëÀÚ°¡ ¾Ç¼º ÆÄÀÏ(ARF, WRF)À» ½ÇÇà½Ãų °æ¿ì, °ø°ÝÀÚÀÇ ÀÓÀÇÄÚµå ½ÇÇàÀÌ °¡´ÉÇÑ Ãë¾àÁ¡(CVE-2018-0379)[5]
¡âCisco SD-WAN Solution¿¡¼ ºÎÀûÀýÇÑ ÀԷ°ª °ËÁõÀ¸·Î, ÀÓÀÇÆÄÀÏ µ¤¾î¾²±â ¹× ±ÇÇÑ»ó½ÂÀÌ °¡´ÉÇÑ Ãë¾àÁ¡(CVE-2018-0349)[6]
¡âCisco SD-WAN SolutionÀÇ Zero Touch Provisioning Service¿¡¼ À߸øµÈ °æ°è°ª °ËÁõÀ¸·Î ÀÎÇØ ¹ß»ýÇÏ´Â ¼ºñ½º°ÅºÎ Ãë¾àÁ¡(CVE-2018-0346)[7]
¡âCisco SD-WAN SolutionÀÇ Configuration and Management Database¿¡¼ ºÎÀûÀýÇÑ ÀԷ°ª °ËÁõÀ¸·Î ÀÎÇØ ¹ß»ýÇÏ´Â ÀÓÀÇ ÄÚµå ½ÇÇàÀÌ °¡´ÉÇÑ Ãë¾àÁ¡(CVE-2018-0345)[8]
¡âCisco SD-WAN SolutionÀÇ command-line tcpdump utility¿¡¼ ºÎÀûÀýÇÑ ÀԷ°ª °ËÁõÀ¸·Î ÀÎÇØ ¹ß»ýÇÏ´Â ÀÓÀÇ ÄÚµå ½ÇÇàÀÌ °¡´ÉÇÑ Ãë¾àÁ¡(CVE-2018-0351)[9]
¡âCisco SD-WAN SolutionÀÇ CLI¿¡¼ ºÎÀûÀýÇÑ ÀԷ°ª °ËÁõÀ¸·Î ÀÎÇØ root±ÇÇÑÀ¸·Î ¸í·É¾î ½ÇÇàÀÌ °¡´ÉÇÑ Ãë¾àÁ¡(CVE-2018-0348)[10]
¡âCisco SD-WAN SolutionÀÇ VPN Subsystem configuration¿¡¼ ºÎÀûÀýÇÑ ÀԷ°ª °ËÁõÀ¸·Î ÀÎÇØ root±ÇÇÑÀ¸·Î ¸í·É¾î ½ÇÇàÀÌ °¡´ÉÇÑ Ãë¾àÁ¡(CVE-2018-0350)[11]
¡âCisco SD-WAN SolutionÀÇ Zero Touch Provisioning Subsystem¿¡¼ ºÎÀûÀýÇÑ ÀԷ°ª °ËÁõÀ¸·Î ÀÎÇØ root±ÇÇÑÀ¸·Î ¸í·É¾î ½ÇÇàÀÌ °¡´ÉÇÑ Ãë¾àÁ¡(CVE-2018-0347)[12]
¡âCisco Nexus 9000 Series Fabric SwitchesÀÇ DHCPv6 ¸ðµå¿¡¼ ºÎÀûÀýÇÑ ¸Þ¸ð¸® °ü¸®·Î ÀÎÇØ ¸Þ¸ð¸® °í°¥À» ¹ß»ý½ÃÄÑ ½Ã½ºÅÛ ÀçºÎÆÃÀ¸·Î ÀÎÇÑ ¼ºñ½º°ÅºÎ Ãë¾àÁ¡(CVE-2018-0372) [13]ÀÌ´Ù.
¿µÇâÀ» ¹Þ´Â ½Ã½ºÅÛÀº Âü°í»çÀÌÆ®¿¡ ¸í½ÃµÇ¾î ÀÖ´Â ¡®Affected Products¡¯À» ÅëÇØ Ãë¾àÇÑ Á¦Ç°À» È®ÀÎÇÏ´Â °ÍÀÌ ¹Ù¶÷Á÷ÇÏ´Ù.
Ãë¾àÁ¡ÀÌ ¹ß»ýÇÑ Cisco ¼ÒÇÁÆ®¿þ¾î°¡ ¼³Ä¡µÈ CiscoÀåºñÀÇ ¿î¿µÀÚ´Â ÇØ´ç»çÀÌÆ®¿¡ ¸í½ÃµÇ¾î ÀÖ´Â ¡®Fixed Releases¡¯ ³»¿ëÀ» È®ÀÎÇØ ÆÐÄ¡¸¦ Àû¿ëÇÏ´Â °ÍÀÌ ¹Ù¶÷Á÷ÇÏ´Ù.
Á»´õ ÀÚ¼¼ÇÑ »çÇ×Àº Çѱ¹ÀÎÅͳÝÁøÈï¿ø ÀÎÅͳÝħÇØ´ëÀÀ¼¾ÅÍ(±¹¹ø¾øÀÌ 118)¿¡ ¹®ÀÇÇÏ¸é µÈ´Ù.
[Âü°í»çÀÌÆ®]
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-pspb-unauth-access
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-ps-osgi-unauth-access
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-unauth-access
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-cm-default-psswrd
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-rce
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-fo
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-cx
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-coinj
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-cmdnjct
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-cmdinj
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-ci
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos
[±è°æ¾Ö ±âÀÚ(boan3@boannews.com)]
<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(www.boannews.com) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>