20231106001-Cisco-Security-Advisories-for-Multiple-Products-vulnerabi…

…lity (#397) * 20231027001-Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability * 20231031001-VVMware-Tools-Multiple-Vulnerabilities * 20231031001-VMware-Tools-Multiple-Vulnerabilities * 20231106001-Cisco-Security-Advisories-for-Multiple-Products-vulnerability * 20231106001-Cisco-Security-Advisories-for-Multiple-Products-vulnerability --------- Co-authored-by: Joshua Hitchen (DGov) <[email protected]>
wagov · Nov 7, 2023 · c50bca8 · c50bca8
1 parent 332d9a0
commit c50bca8
Showing 1 changed file with 64 additions and 0 deletions.
diff --git a/...ries/20231106001-Cisco-Security-Advisory-for-Multiple-Products-Vulnerability.md b/...ries/20231106001-Cisco-Security-Advisory-for-Multiple-Products-Vulnerability.md
@@ -0,0 +1,64 @@
+# Cisco Releases Security Advisories for Multiple Products - 20231106001
+
+## Overview
+
+Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
+
+## What is the vulnerability?
+
+[**CVE-2023-20048**](https://nvd.nist.gov/vuln/detail/CVE-2023-20048) - CVSS v3 Base Score: ***9.9***
+
+[**CVE-2023-20175**](https://nvd.nist.gov/vuln/detail/CVE-2023-20175) - CVSS v3 Base Score: ***8.8*** 
+
+[**CVE-2023-20170**](https://nvd.nist.gov/vuln/detail/CVE-2023-20170) - CVSS v3 Base Score: ***6.0*** 
+
+[**CVE-2023-20195**](https://nvd.nist.gov/vuln/detail/CVE-2023-20195) - CVSS v3 Base Score: ***4.7*** 
+
+[**CVE-2023-20196**](https://nvd.nist.gov/vuln/detail/CVE-2023-20196) - CVSS v3 Base Score: ***4.7*** 
+
+[**CVE-2023-20213**](https://nvd.nist.gov/vuln/detail/CVE-2023-20213) - CVSS v3 Base Score: ***4.3*** 
+
+[**CVE-2023-20244**](https://nvd.nist.gov/vuln/detail/CVE-2023-20244) - CVSS v3 Base Score: ***8.6*** 
+
+[**CVE-2023-20083**](https://nvd.nist.gov/vuln/detail/CVE-2023-20083) - CVSS v3 Base Score: ***8.6*** 
+
+[**CVE-2023-20063**](https://nvd.nist.gov/vuln/detail/CVE-2023-20063) - CVSS v3 Base Score: ***8.2*** 
+
+[**CVE-2023-20155**](https://nvd.nist.gov/vuln/detail/CVE-2023-20155) - CVSS v3 Base Score: ***7.5*** 
+
+[**CVE-2023-20219**](https://nvd.nist.gov/vuln/detail/CVE-2023-20219) - CVSS v3 Base Score: ***7.2*** 
+
+[**CVE-2023-20220**](https://nvd.nist.gov/vuln/detail/CVE-2023-20220) - CVSS v3 Base Score: ***7.2*** 
+
+[**CVE-2023-20095**](https://nvd.nist.gov/vuln/detail/CVE-2023-20095) - CVSS v3 Base Score: ***8.6*** 
+
+[**CVE-2023-20086**](https://nvd.nist.gov/vuln/detail/CVE-2023-20086) - CVSS v3 Base Score: ***8.6*** 
+
+## What is vulnerable?
+
+The vulnerability affects the following Cisco products:
+
+- [Cisco Firepower Management Center Software Command Injection Vulnerability](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-29MP49hN) affects Cisco Firepower Management Center product versions [as listed here](https://www.cve.org/CVERecord?id=CVE-2023-20048) 
+- [Cisco Identity Services Engine Command Injection Vulnerabilities](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-FceLP4xs) affects Cisco Identity Services Engine Software versions [as listed here](https://www.cve.org/CVERecord?id=CVE-2023-20175)  
+- [Cisco Identity Services Engine Vulnerabilities](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-FceLP4xs) affects Cisco Identity Services Engine Software versions [as listed here](https://www.cve.org/CVERecord?id=CVE-2023-20195)
+- [Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series Firewalls Inspection Rules Denial of Service Vulnerability](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-intrusion-dos-DfT7wyGC) affects Cisco Firepower Threat Defense Software versions [as listed here](https://www.cve.org/CVERecord?id=CVE-2023-20244)
+- [Cisco Firepower Threat Defense Software ICMPv6 with Snort 2 Denial of Service Vulnerability](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmpv6-dos-4eMkLuN) affects Cisco Firepower Threat Defense Software versions [as listed here](https://www.cve.org/CVERecord?id=CVE-2023-20083)
+- [Cisco Firepower Threat Defense Software and Firepower Management Center Software Code Injection Vulnerability](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L) affects Cisco Firepower Management Center versions [as listed here](https://www.cve.org/CVERecord?id=CVE-2023-20063)
+- [Cisco Firepower Management Center Software Log API Denial of Service Vulnerability](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-logview-dos-AYJdeX55) affects Cisco Firepower Management Center versions [as listed here](https://www.cve.org/CVERecord?id=CVE-2023-20155)
+- [Cisco Firepower Management Center Software Command Injection Vulnerabilities](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmdinj-bTEgufOX) affects Cisco Firepower Management Center versions [as listed here](https://www.cve.org/CVERecord?id=CVE-2023-20219) and [here](https://www.cve.org/CVERecord?id=CVE-2023-20220)
+- [Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access VPN Denial of Service Vulnerability](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS) affects Cisco Adaptive Security Appliance (ASA) Software versions [as listed here](https://www.cve.org/CVERecord?id=CVE-2023-20095)
+- [Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software ICMPv6 Message Processing Denial of Service Vulnerability](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-icmpv6-t5TzqwNd) affects Cisco Adaptive Security Appliance (ASA) Software versions [as listed here](https://www.cve.org/CVERecord?id=CVE-2023-20086)
+
+## What has been observed?
+
+There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *one month* (refer [Patch Management](../guidelines/patch-management.md)):
+
+- [CISA Alerts](https://www.cisa.gov/news-events/alerts/2023/11/03/cisco-releases-security-advisories-multiple-products)
+
+## Additional References
+
+- [Cisco security advisories](https://sec.cloudapps.cisco.com/security/center/publicationListing.x)