cnvd-2018-11346
Vulnerability from cnvd

Title: 多款Cisco产品资源管理错误漏洞

Description:

Cisco Emergency Responder等都是美国思科(Cisco)公司的产品。Cisco Emergency Responder是一套IP通信系统中的应急呼叫软件。Finesse是一套下一代客户协作服务解决方案。

多款Cisco产品中本地文件的管理(用于对系统日志文件的管理)存在资源管理错误漏洞,该漏洞源于程序没有限制系统日志文件的最大值。远程攻击者可通过向设备发送远程连接请求利用该漏洞造成磁盘大量占用,造成拒绝服务。

Severity:

Patch Name: 多款Cisco产品资源管理错误漏洞的补丁

Patch Description:

Cisco Emergency Responder等都是美国思科(Cisco)公司的产品。Cisco Emergency Responder是一套IP通信系统中的应急呼叫软件。Finesse是一套下一代客户协作服务解决方案。

多款Cisco产品中本地文件的管理(用于对系统日志文件的管理)存在资源管理错误漏洞,该漏洞源于程序没有限制系统日志文件的最大值。远程攻击者可通过向设备发送远程连接请求利用该漏洞造成磁盘大量占用,造成拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-diskdos

Reference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-diskdos

Impacted products
Name
['Cisco Unified Presence', 'Cisco Finesse', 'Cisco SocialMiner', 'Cisco MediaSense', 'Cisco Unity Connection', 'Cisco Prime Collaboration Provisioning', 'Cisco Prime Collaboration Assurance', 'Cisco Unified Intelligence Center', 'Cisco Hosted Collaboration Mediation Fulfillment', 'Cisco Emergency Responder', 'Cisco Unified Communications Manager (UCM) 0', 'Cisco Unified Contact Center Express', 'Cisco Prime License Manager', 'Cisco Unified Communications Manager IM and Presence Service (IM&P)', 'Cisco Unified Communication Manager Session Management Edition (SME)', 'Cisco Virtualized Voice Browser']
Show details on source website

To clipboard 

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-6779"
    }
  },
  "description": "Cisco Emergency Responder\u7b49\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Cisco Emergency Responder\u662f\u4e00\u5957IP\u901a\u4fe1\u7cfb\u7edf\u4e2d\u7684\u5e94\u6025\u547c\u53eb\u8f6f\u4ef6\u3002Finesse\u662f\u4e00\u5957\u4e0b\u4e00\u4ee3\u5ba2\u6237\u534f\u4f5c\u670d\u52a1\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\n\u591a\u6b3eCisco\u4ea7\u54c1\u4e2d\u672c\u5730\u6587\u4ef6\u7684\u7ba1\u7406\uff08\u7528\u4e8e\u5bf9\u7cfb\u7edf\u65e5\u5fd7\u6587\u4ef6\u7684\u7ba1\u7406\uff09\u5b58\u5728\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u6ca1\u6709\u9650\u5236\u7cfb\u7edf\u65e5\u5fd7\u6587\u4ef6\u7684\u6700\u5927\u503c\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u8bbe\u5907\u53d1\u9001\u8fdc\u7a0b\u8fde\u63a5\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u78c1\u76d8\u5927\u91cf\u5360\u7528\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-diskdos",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-11346",
  "openTime": "2018-06-12",
  "patchDescription": "Cisco Emergency Responder\u7b49\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Cisco Emergency Responder\u662f\u4e00\u5957IP\u901a\u4fe1\u7cfb\u7edf\u4e2d\u7684\u5e94\u6025\u547c\u53eb\u8f6f\u4ef6\u3002Finesse\u662f\u4e00\u5957\u4e0b\u4e00\u4ee3\u5ba2\u6237\u534f\u4f5c\u670d\u52a1\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\n\u591a\u6b3eCisco\u4ea7\u54c1\u4e2d\u672c\u5730\u6587\u4ef6\u7684\u7ba1\u7406\uff08\u7528\u4e8e\u5bf9\u7cfb\u7edf\u65e5\u5fd7\u6587\u4ef6\u7684\u7ba1\u7406\uff09\u5b58\u5728\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u6ca1\u6709\u9650\u5236\u7cfb\u7edf\u65e5\u5fd7\u6587\u4ef6\u7684\u6700\u5927\u503c\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u8bbe\u5907\u53d1\u9001\u8fdc\u7a0b\u8fde\u63a5\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u78c1\u76d8\u5927\u91cf\u5360\u7528\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eCisco\u4ea7\u54c1\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Unified Presence",
      "Cisco Finesse",
      "Cisco SocialMiner",
      "Cisco MediaSense",
      "Cisco Unity Connection",
      "Cisco Prime Collaboration Provisioning",
      "Cisco Prime Collaboration Assurance",
      "Cisco Unified Intelligence Center",
      "Cisco Hosted Collaboration Mediation Fulfillment",
      "Cisco Emergency Responder",
      "Cisco Unified Communications Manager (UCM) 0",
      "Cisco Unified Contact Center Express",
      "Cisco Prime License Manager",
      "Cisco Unified Communications Manager IM and Presence Service (IM\u0026P\uff09",
      "Cisco Unified Communication Manager Session Management Edition (SME)",
      "Cisco Virtualized Voice Browser"
    ]
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-diskdos",
  "serverity": "\u9ad8",
  "submitTime": "2018-06-12",
  "title": "\u591a\u6b3eCisco\u4ea7\u54c1\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.