CNVD-2017-37269
Vulnerability from cnvd - Published: 2017-12-18
Title
Cisco Multiple Products Information Disclosure Vulnerability (CNVD-2017-37269)
Description
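Cisco ASA series security appliances protect corporate networks of all sizes. They give users highly secure access to data anytime, anywhere, using any device. The Cisco Application Control Engine (ACE) module product family for the Cisco Catalyst® 6500 provides the highest level of application infrastructure control, application performance, application security, and infrastructure simplicity.
The Cisco ASA next-generation firewall and the Cisco Application Control Engine (ACE) contain an information disclosure vulnerability. An attacker can exploit the vulnerability to perform a man-in-the-middle attack and obtain sensitive information. A successful attack may aid in further attacks.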
Severity
Medium
Patch Name
Patch for Cisco Multiple Products Information Disclosure Vulnerability (CNVD-2017-37269)
Patch Description
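Cisco ASA series security appliances protect corporate networks of all sizes. They give users highly secure access to data anytime, anywhere, using any device. The Cisco Application Control Engine (ACE) module product family for the Cisco Catalyst® 6500 provides the highest level of application infrastructure control, application performance, application security, and infrastructure simplicity.
The Cisco ASA next-generation firewall and the Cisco Application Control Engine (ACE) contain an information disclosure vulnerability. An attacker can exploit the vulnerability to perform a man-in-the-middle attack and obtain sensitive information. A successful attack may aid in further attacks. The vendor has released a security advisory and related patch information that fix this vulnerability.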
Formal description
The vendor has released an upgrade patch to fix this security issue. The patch is available at: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher
Reference
http://www.securityfocus.com/bid/102170
Impacted products
| Name |
|---|
| Cisco ASA 5540 Series Adaptive Security Appliance |
| Cisco ASA 5520 Series Adaptive Security Appliance |
| Cisco ASA 5510 Series Adaptive Security Appliance |
| Cisco ASA 5505 Series Adaptive Security Appliance |
| Cisco ASA 5500-X Series Firewalls 9.1(7.16) |
| Cisco Adaptive Security Appliance (ASA) 5500-X Series |
| Cisco ACE30 Application Control Engine Module |
| Cisco ACE 4710 Application Control Engine |
| Cisco ACE 4700 Series Application Control Engine Appliances 3.0(0)A5(3.5) |
| Cisco ACE 4700 Series Application Control Engine Appliances 3.0(0)A5(3.0) |
| Cisco ACE 4700 Series Application Control Engine Appliances 3.0(0)A5(2.0) |
{
"bids": {
"bid": {
"bidNumber": "102170"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2017-12373"
}
},
"description": "Cisco ASA \u7cfb\u5217\u5b89\u5168\u8bbe\u5907\u53ef\u4ee5\u4fdd\u62a4\u5404\u79cd\u89c4\u6a21\u7684\u516c\u53f8\u7f51\u7edc\u3002\u5b83\u53ef\u8ba9\u7528\u6237\u968f\u65f6\u968f\u5730\u4f7f\u7528\u4efb\u4f55\u8bbe\u5907\u8fdb\u884c\u9ad8\u5ea6\u5b89\u5168\u7684\u6570\u636e\u8bbf\u95ee\u3002\u9002\u7528\u4e8eCisco Catalyst\u00ae 6500\u7684\u601d\u79d1\u5e94\u7528\u63a7\u5236\u5f15\u64ce\u6a21\u5757(ACE)\u7cfb\u5217\u4ea7\u54c1\u63d0\u4f9b\u4e86\u6700\u9ad8\u6c34\u5e73\u7684\u5e94\u7528\u57fa\u7840\u8bbe\u65bd\u63a7\u5236\u80fd\u529b\u3001\u5e94\u7528\u6027\u80fd\u3001\u5e94\u7528\u5b89\u5168\u6027\u548c\u57fa\u7840\u8bbe\u65bd\u7b80\u6d01\u6027\u3002\r\n\r\nCisco\u4e0b\u4e00\u4ee3\u9632\u706b\u5899ASA\u548c\u601d\u79d1\u5e94\u7528\u63a7\u5236\u5f15\u64ceACE\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u6267\u884c\u4e2d\u95f4\u4eba\u653b\u51fb\u5e76\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u6210\u529f\u7684\u653b\u51fb\u6709\u52a9\u4e8e\u5b9e\u65bd\u8fdb\u4e00\u6b65\u7684\u653b\u51fb\u884c\u4e3a\u3002",
"discovererName": "Hanno B\u00c3\u00b6ck, Juraj Somorovsky of Ruhr-Universit\u00c3\u00a4t Bochum/Hackmanit GmbH, and Craig Young of Tripwire VERT.",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-37269",
"openTime": "2017-12-18",
"patchDescription": "Cisco ASA \u7cfb\u5217\u5b89\u5168\u8bbe\u5907\u53ef\u4ee5\u4fdd\u62a4\u5404\u79cd\u89c4\u6a21\u7684\u516c\u53f8\u7f51\u7edc\u3002\u5b83\u53ef\u8ba9\u7528\u6237\u968f\u65f6\u968f\u5730\u4f7f\u7528\u4efb\u4f55\u8bbe\u5907\u8fdb\u884c\u9ad8\u5ea6\u5b89\u5168\u7684\u6570\u636e\u8bbf\u95ee\u3002\u9002\u7528\u4e8eCisco Catalyst\u00ae 6500\u7684\u601d\u79d1\u5e94\u7528\u63a7\u5236\u5f15\u64ce\u6a21\u5757(ACE)\u7cfb\u5217\u4ea7\u54c1\u63d0\u4f9b\u4e86\u6700\u9ad8\u6c34\u5e73\u7684\u5e94\u7528\u57fa\u7840\u8bbe\u65bd\u63a7\u5236\u80fd\u529b\u3001\u5e94\u7528\u6027\u80fd\u3001\u5e94\u7528\u5b89\u5168\u6027\u548c\u57fa\u7840\u8bbe\u65bd\u7b80\u6d01\u6027\u3002\r\n\r\nCisco\u4e0b\u4e00\u4ee3\u9632\u706b\u5899ASA\u548c\u601d\u79d1\u5e94\u7528\u63a7\u5236\u5f15\u64ceACE\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u6267\u884c\u4e2d\u95f4\u4eba\u653b\u51fb\u5e76\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u6210\u529f\u7684\u653b\u51fb\u6709\u52a9\u4e8e\u5b9e\u65bd\u8fdb\u4e00\u6b65\u7684\u653b\u51fb\u884c\u4e3a\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Cisco\u591a\u4e2a\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2017-37269\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"Cisco ASA 5540 Series Adaptive Security Appliance",
"Cisco ASA 5520 Series Adaptive Security Appliance",
"Cisco ASA 5510 Series Adaptive Security Appliance",
"Cisco ASA 5505 Series Adaptive Security Appliance",
"Cisco ASA 5500-X Series Firewalls 9.1(7.16)",
"Cisco Adaptive Security Appliance (ASA) 5500-X Series",
"Cisco ACE30 Application Control Engine Module",
"Cisco ACE 4710 Application Control Engine",
"Cisco ACE 4700 Series Application Control Engine Appliances 3.0(0)A5(3.5)",
"Cisco ACE 4700 Series Application Control Engine Appliances 3.0(0)A5(3.0)",
"Cisco ACE 4700 Series Application Control Engine Appliances 3.0(0)A5(2.0)"
]
},
"referenceLink": "http://www.securityfocus.com/bid/102170",
"serverity": "\u4e2d",
"submitTime": "2017-12-18",
"title": "Cisco\u591a\u4e2a\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2017-37269\uff09"
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.