安全研究

安全漏洞
Cisco IOS XE Software for Catalyst Switches MPLS拒绝服务漏洞(CVE-2022-20919)

发布日期:2022-09-28
更新日期:2022-10-28

受影响系统:
Cisco Cisco Catalyst 3650 Series Switches
Cisco Cisco Catalyst 3850 Series Switches
Cisco Cisco Catalyst 9300 Series Switches
Cisco Cisco Catalyst 9400 Series Switches
Cisco Cisco Catalyst 9500 Series Switches
Cisco Cisco Catalyst 9600 Series Switches
描述:
CVE(CAN) ID: CVE-2022-20919

Cisco IOS XE Software是一个操作系统。用于企业有线和无线访问,汇聚,核心和WAN的单一操作系统,Cisco IOS XE降低了业务和网络的复杂性。Cisco Catalyst是一系列交换机。
Cisco IOS XE Software for Cisco Catalyst 3650、Catalyst 3850、Catalyst 9000存在拒绝服务漏洞,该漏洞源于程序未对IPv4流量输入进行正确验证。攻击者可利用该漏洞导致设备重新加载,从而导致拒绝服务。

<*链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mpls-dos-Ab4OUL
*>

建议:
厂商补丁:

Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-iosxe-mpls-dos-Ab4OUL3)以及相应补丁:
cisco-sa-iosxe-mpls-dos-Ab4OUL3:Cisco IOS XE Software for Catalyst Switches MPLS Denial of Service Vulnerability
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mpls-dos-Ab4OUL

浏览次数:534
严重程度:0(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障