˼¿ÆÐÞ¸´¶à¿îÈí¼þ¸ßΣÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2019-06-06

Îó²î±àºÅºÍ¼¶±ð



CVE±àºÅ£ºCVE-2019-1861£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬CVSS·ÖÖµ£º7.2

CVE±àºÅ£ºCVE-2019-1845£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬CVSS·ÖÖµ£º8.6



ÊÜÓ°ÏìµÄ°æ±¾



CVE-2019-1861


Cisco Industrial Network Director software releases prior to 1.6.0


CVE-2019-1845


Expressway Series configured for Mobile and Remote Access with IM&P Service (Releases X8.1 to X12.5.2)
TelePresence VCS configured for Mobile and Remote Access with IM&P Service (Releases X8.1 to X12.5.2)

Unified Communications Manager IM&P Service (multiple releases)



Îó²î¸ÅÊö



˼¿ÆÐÞ¸´ÁËÈçÏÂÁ½¸ö¸ßΣÎó²î£º


CVE-2019-1861


Cisco Industrial Network DirectorÊÇÃÀ¹ú˼¿Æ£¨Cisco£©¹«Ë¾µÄÒ»Ì×¹¤Òµ×Ô¶¯»¯ÖÎÀíϵͳ¡£¡£¡£¡£¡£¡£¸Ãϵͳͨ¹ý¶Ô¹¤ÒµÒÔÌ«Íø»ù´¡ÉèÊ©µÄ¿ÉÊÓ»¯²Ù×÷À´ÊµÏÖ×Ô¶¯»¯ÖÎÀí¡£¡£¡£¡£¡£¡£


Cisco Industrial Network DirectorÈí¼þ¸üй¦Ð§ÖеÄÎó²î¿ÉÄÜÔÊÐí¾­ÓÉÉí·ÝÑéÖ¤µÄÔ¶³Ì¹¥»÷ÕßÖ´ÐÐí§Òâ´úÂë¡£¡£¡£¡£¡£¡£¸ÃÎó²îÊÇÓÉÓÚ¶ÔÉÏÔص½ÊÜÓ°ÏìµÄÓ¦ÓóÌÐòµÄÎļþ¾ÙÐÐÁ˲»×¼È·µÄÑéÖ¤¡£¡£¡£¡£¡£¡£ ¹¥»÷Õß¿ÉÒÔͨ¹ýʹÓÃÖÎÀíԱȨÏÞÑéÖ¤ÊÜÓ°ÏìµÄϵͳ²¢ÉÏÔØí§ÒâÎļþÀ´Ê¹ÓôËÎó²î¡£¡£¡£¡£¡£¡£ÀÖ³ÉʹÓÿÉÄÜÔÊÐí¹¥»÷ÕßʹÓÃÌáÉýµÄȨÏÞÖ´ÐÐí§Òâ´úÂë¡£¡£¡£¡£¡£¡£


CVE-2019-1845


Cisco Unified Communications Manager IM & Presence Service£¨CUCM IM&P£©ºÍTelePresence Video Communication Server (VCS) and Expressway¶¼ÊÇÃÀ¹ú˼¿Æ£¨Cisco£©¹«Ë¾µÄ²úÆ·¡£¡£¡£¡£¡£¡£Cisco Unified Communications Manager IM and Presence Service£¨CUCM IM&P£©ÊÇÒ»¸öʹÓÃÔÚºô½Ð´¦Öóͷ£×é¼þÖеĻùÓÚCUCMµÄ¼´Ê±ÐÂÎÅ£¨IM£©ºÍ״̬ÏÔʾƽ̨¡£¡£¡£¡£¡£¡£TelePresence Video Communication Server£¨VCS£©and ExpresswayÊÇÒ»¿îÍøÕæÊÓƵͨѶЧÀÍÆ÷¡£¡£¡£¡£¡£¡£


Cisco Unified Communications Manager IM & Presence Service£¨CUCM IM&P£©ºÍTelePresence Video Communication Server (VCS) and ExpresswayϵÁеÄÉí·ÝÑé֤ЧÀÍÖеÄÎó²î¿ÉÄÜÔÊÐíδ¾­Éí·ÝÑéÖ¤µÄÔ¶³Ì¹¥»÷Õßµ¼ÖÂʵÑéÓû§µÄЧÀÍÖÐÖ¹¾ÙÐÐÉí·ÝÑéÖ¤£¬£¬£¬£¬µ¼Ö¾ܾøЧÀÍ£¨DoS£©Ìõ¼þ¡£¡£¡£¡£¡£¡£¸ÃÎó²îÊÇÓÉÓÚ¶ÔÌض¨ÄÚ´æ²Ù×÷µÄ¿ØÖÆȱ·¦Ôì³ÉµÄ¡£¡£¡£¡£¡£¡£¹¥»÷Õß¿ÉÒÔͨ¹ýÏòÊÜÓ°ÏìµÄϵͳ·¢ËÍÃûÌùýʧµÄ¿ÉÀ©Õ¹ÐÂÎźÍ״̬ЭÒ飨XMPP£©Éí·ÝÑéÖ¤ÇëÇóÀ´Ê¹ÓôËÎó²î¡£¡£¡£¡£¡£¡£ÀÖ³ÉʹÓÿÉÄÜÔÊÐí¹¥»÷ÕßÒâÍâÖØÆôÉí·ÝÑé֤ЧÀÍ£¬£¬£¬£¬´Ó¶ø×èÖ¹Óû§ÀֳɾÙÐÐÉí·ÝÑéÖ¤¡£¡£¡£¡£¡£¡£Ê¹ÓôËÎó²î²»»áÓ°ÏìÔÚ¹¥»÷֮ǰ¾ÙÐÐÉí·ÝÑéÖ¤µÄÓû§¡£¡£¡£¡£¡£¡£



Îó²îÑéÖ¤



ÔÝÎÞPOC/EXP¡£¡£¡£¡£¡£¡£



ÐÞ¸´½¨Òé



ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬£¬£¬£¬²¹¶¡»ñÈ¡Á´½Ó¼û²Î¿¼Á´½Ó¡£¡£¡£¡£¡£¡£



²Î¿¼Á´½Ó



https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-ind-rce
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-cucm-imp-dos