W dniu 27 kwietnia 2022 r. firma Cisco opublikowała poradniki bezpieczeństwa dotyczące luk w zabezpieczeniach wielu produktów. Podatności sklasyfikowano jako poważne. Zachęcamy administratorów do zapoznania się listą i dokonania odpowiednich aktualizacji.

ProduktKrytycznośćNumer CVE
  Cisco Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability8.6CVE-2022-20746
Cisco Firepower Threat Defense Software Snort Out of Memory Denial of Service Vulnerability8.6CVE-2022-20751
Cisco Firepower Threat Defense Software Denial of Service Vulnerability8.6CVE-2022-20757
Cisco Firepower Management Center File Upload Security Bypass Vulnerability6.5CVE-2022-20743
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Privilege Escalation Vulnerability8.8CVE-2022-20759
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPsec IKEv2 VPN Information Disclosure Vulnerability7.4CVE-2022-20742
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DNS Inspection Denial of Service Vulnerability8.6CVE-2022-20760
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Denial of Service Vulnerability8.6CVE-2022-20745
Cisco Adaptive Security Appliance Software Clientless SSL VPN Heap Overflow Vulnerability8.5CVE-2022-20737
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerability8.6CVE-2022-20715
Cisco Firepower Threat Defense Software DNS Enforcement Denial of Service Vulnerability8.6CVE-2022-20767
Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Catalyst 9000 Family Wireless Controllers Privilege Escalation Vulnerability4.4CVE-2022-20681
Cisco Firepower Threat Defense Software XML Injection Vulnerability4.0CVE-2022-20729
Cisco Firepower Threat Defense Software Security Intelligence DNS Feed Bypass Vulnerability5.3CVE-2022-20730
Cisco Firepower Threat Defense Software Local Malware Analysis Denial of Service Vulnerability5.4CVE-2022-20748
Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities6.1CVE-2022-20627
Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability4.3CVE-2022-20740
Cisco Firepower Management Center Software Information Disclosure Vulnerability4.3CVE-2022-20744
Vulnerability in Spring Framework Affecting Cisco Products: March 20229.8CVE-2022-22965
Multiple Cisco Products Snort Modbus Denial of Service Vulnerability7.5CVE-2022-20685