Cisco PI and EPN ManagerÔ¶³Ì´úÂëÖ´ÐÐÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2019-05-17

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-1821£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬¹Ù·½Î´ÆÀ¶¨
CVE±àºÅ£ºCVE-2019-1822£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-1823£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


ÊÜÓ°ÏìµÄ°æ±¾


Cisco PI Software Releases < 3.4.1
Cisco PI Software Releases < 3.5
Cisco PI Software Releases < 3.6

EPN Manager Releases < 3.0.1


²»ÊÜÓ°ÏìµÄ°æ±¾


Cisco PI Software Releases == 3.4.1
Cisco PI Software Releases == 3.5
Cisco PI Software Releases == 3.6

EPN Manager Releases 3.0.1


Îó²î¸ÅÊö


CiscoPrimeInfrastructure£¨PI£©ºÍCiscoEvolvedProgrammableNetworkManager£¨EPNM£©¶¼ÊÇÃÀ¹ú˼¿Æ£¨Cisco£©¹«Ë¾µÄ²úÆ·¡£PIÊÇÒ»Ì×ͨ¹ýCiscoPrimeLANManagementSolution£¨LMS£©ºÍCiscoPrimeNetworkControlSystem£¨NCS£©ÊÖÒÕ¾ÙÐÐÎÞÏßÖÎÀíµÄ½â¾ö¼Æ»®£»EPNMÊÇÒ»Ì×ÍøÂçÖÎÃ÷È·¾ö¼Æ»®¡£


5ÔÂ15ÈÕ£¬Cisco¹Ù·½Ðû²¼Ò»ÔòÇ徲ͨ¸æ£¬³ÆÐÞ¸´ÁËCisco Prime Infrastructure and Evolved Programmable Network ManagerÖб£´æµÄ3¸ö¸ßΣÎó²î£¨CVE-2019-1821¡¢CVE-2019-1822¡¢CVE-2019-1823£©¡£


ÕâЩÎó²îÔ´ÓÚÈí¼þûÓкÏÀíµØ¶ÔÓû§ÊäÈë¾ÙÐÐУÑéºÍ¹ýÂË£¬¹¥»÷Õß¿ÉÒÔͨ¹ýÏòÖÎÀíÔ±½çÃæÉÏ´«¶ñÒâµÄÎļþÀ´´¥·¢£¬Ê¹ÓÃÀֳɻáʹµÃ¹¥»÷ÕßÔÚ±»¹¥»÷ϵͳÖÐÒÔrootȨÏÞÖ´ÐдúÂë¡£


Îó²îÑéÖ¤


ÔÝÎÞPOC/EXP¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬²¹¶¡»ñÈ¡Á´½Ó£ºhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-pi-rce¡£

²Î¿¼Á´½Ó


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-pi-rce