{"id":3871,"date":"2019-02-21T15:55:14","date_gmt":"2019-02-21T08:55:14","guid":{"rendered":"https:\/\/www.camcert.gov.kh\/?p=3871"},"modified":"2019-02-21T15:56:25","modified_gmt":"2019-02-21T08:56:25","slug":"camsa19-09-cisco-security-advisories-and-alerts-20-feb-2019","status":"publish","type":"post","link":"https:\/\/www.camcert.gov.kh\/en\/camsa19-09-cisco-security-advisories-and-alerts-20-feb-2019\/","title":{"rendered":"CamSA19-09: \u1780\u17c6\u17a0\u17bb\u179f\u1786\u17d2\u1782\u1784\u1792\u17d2\u1784\u1793\u17cb\u1792\u17d2\u1784\u179a\u1793\u17c5\u1780\u17d2\u1793\u17bb\u1784\u1795\u179b\u17b7\u178f\u1795\u179b Cisco \u1785\u17c6\u1793\u17bd\u1793 \u17e1\u17e7"},"content":{"rendered":"<p><strong>\u17e1. \u1796\u17d0\u178f\u17cc\u1798\u17b6\u1793\u1791\u17bc\u1791\u17c5<\/strong><\/p>\n<p>\u1793\u17b6\u1790\u17d2\u1784\u17c3\u1791\u17b8\u17e2\u17e0 \u1781\u17c2\u1780\u17bb\u1798\u17d2\u1797\u17c7 \u1786\u17d2\u1793\u17b6\u17c6\u17e2\u17e0\u17e1\u17e9 \u1780\u17d2\u179a\u17bb\u1798\u17a0\u17ca\u17bb\u1793 Cisco \u1794\u17b6\u1793\u1794\u1789\u17d2\u1785\u17c1\u1789\u1793\u17bc\u179c\u1780\u1798\u17d2\u1798\u179c\u17b7\u1792\u17b8\u1787\u17bd\u179f\u1787\u17bb\u179b (patches) \u1791\u17c5\u179b\u17be\u1780\u17c6\u17a0\u17bb\u179f\u1786\u17d2\u1782\u1784\u1785\u17c6\u1793\u17bd\u1793 <strong>\u17e1\u17e7<\/strong> \u178f\u17d2\u179a\u17bc\u179c\u1794\u17b6\u1793\u179a\u1780\u1783\u17be\u1789\u1793\u17c5\u1780\u17d2\u1793\u17bb\u1784\u1795\u179b\u17b7\u178f\u1795\u179b\u179a\u1794\u179f\u17cb\u1781\u17d2\u179b\u17bd\u1793 \u178a\u17c2\u179b\u1780\u17d2\u1793\u17bb\u1784\u1793\u17c4\u17c7\u1798\u17b6\u1793\u1780\u17c6\u17a0\u17bb\u179f\u1786\u17d2\u1782\u1784\u1785\u17c6\u1793\u17bd\u1793 <strong>\u17e1\u17e1<\/strong> \u1780\u1798\u17d2\u179a\u17b7\u178f\u1798\u1792\u17d2\u1799\u1798 (Medium) \u1793\u17b7\u1784\u1785\u17c6\u1793\u17bd\u1793<strong> \u17e0\u17e6\u200b<\/strong> \u1792\u17d2\u1784\u1793\u17cb\u1792\u17d2\u1784\u179a (High) \u17d4 \u179c\u17b6\u178f\u17d2\u179a\u17bc\u179c\u1794\u17b6\u1793\u1782\u17c1\u1780\u178f\u17cb\u178f\u17d2\u179a\u17b6\u1787\u17b6\u179b\u17c1\u1781\u1780\u17bc\u178a\u00a0\u00a0<a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-20190220-chn-root-access\">CVE-2019-1664<\/a>, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-20190220-hyperflex-injection\">CVE-2018-15380<\/a>, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-20190220-ncs\">CVE-2019-1681<\/a>, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-20190220-pca-access\">CVE-2019-1662<\/a>, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-20190220-prime-validation\">CVE-2019-1659<\/a> \u1793\u17b7\u1784 <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-20190215-runc\">CVE-2019-5736<\/a>\u17d4<\/p>\n<p><strong>\u17e2. \u1795\u179b\u17b7\u178f\u1795\u179b\u1794\u17c9\u17c8\u1796\u17b6\u179b\u17cb<\/strong><\/p>\n<p>Cisco HyperFlex Software \u1787\u17c6\u1793\u17b6\u1793\u17cb\u00a0(\u1780\u17c6\u178e\u17c2) 3.5 \u1793\u17b9\u1784\u1798\u17bb\u1793\u1793\u17c1\u17c7<\/p>\n<p>Cisco Network Convergence System \u1787\u17c6\u1793\u17b6\u1793\u17cb\u00a0(\u1780\u17c6\u178e\u17c2) 3.5 \u1793\u17b9\u1784\u1798\u17bb\u1793\u1793\u17c1\u17c7<\/p>\n<p>Cisco Network Convergence System 1000 Series \u1787\u17c6\u1793\u17b6\u1793\u17cb\u00a0(\u1780\u17c6\u178e\u17c2) 6.5.2 \u1793\u17b9\u1784\u1798\u17bb\u1793\u1793\u17c1\u17c7<\/p>\n<p>Cisco Prime Collaboration Assurance Software (PCA) \u1787\u17c6\u1793\u17b6\u1793\u17cb (\u1780\u17c6\u178e\u17c2) 12.1 SP2 \u1793\u17b9\u1784\u1798\u17bb\u1793\u1793\u17c1\u17c7<\/p>\n<p>Cisco Prime Infrastructure Certificate \u1787\u17c6\u1793\u17b6\u1793\u17cb (\u1780\u17c6\u178e\u17c2) 2.2 \u178a\u179b\u17cb 3.4.0<\/p>\n<p>\u1793\u17b7\u1784\u1795\u179b\u17b7\u178f\u1795\u179b\u1795\u17d2\u179f\u17c1\u1784\u17d7\u1787\u17b6\u1785\u17d2\u179a\u17be\u1793\u1791\u17c0\u178f \u179a\u1784\u1795\u179b\u1794\u17c9\u17c7\u1796\u17b6\u179b\u17cb\u1796\u17b8 Container Privilege Escalation<\/p>\n<p><strong>\u17e3. \u1795\u179b\u179c\u17b7\u1794\u17b6\u1780<\/strong><\/p>\n<p>CVE-2019-1664 &#8211; \u1780\u17c6\u17a0\u17bb\u179f\u1786\u17d2\u1782\u1784\u1793\u17c5\u1780\u17d2\u1793\u17bb\u1784 hxterm service \u179a\u1794\u179f\u17cb\u1780\u1798\u17d2\u1798\u179c\u17b7\u1792\u17b8 <strong>Cisco HyperFlex<\/strong> \u17a2\u17b6\u1785\u17a2\u1793\u17bb\u1789\u17d2\u1789\u17b6\u178f\u17b1\u17d2\u1799\u17a2\u17d2\u1793\u1780\u1794\u17d2\u179a\u17be\u1794\u17d2\u179a\u17b6\u179f\u17cb\u200b\u179a\u17c6\u179b\u1784\u1780\u17b6\u179a\u1795\u17d2\u1791\u17c0\u1784\u1795\u17d2\u1791\u17b6\u178f\u17cb\u179f\u17b7\u1791\u17d2\u1792\u17b7\u1780\u17d2\u1793\u17bb\u1784\u1794\u17d2\u179a\u1796\u17d0\u1793\u17d2\u1792 \u1793\u17b7\u1784\u17a2\u17d2\u1793\u1780\u1794\u17d2\u179a\u17be\u1794\u17d2\u179a\u17b6\u179f\u17cb\u1787\u17b6\u179f\u17b7\u1791\u17d2\u1792\u1792\u1798\u17d2\u1798\u178f\u17b6 \u1794\u17d2\u179a\u17a0\u17b6\u179a \u1791\u1791\u17bd\u179b\u1794\u17b6\u1793\u179f\u17b7\u1791\u17d2\u1792\u1787\u17b6\u17a2\u1797\u17b7\u1794\u17b6\u179b\u1782\u17d2\u179a\u1794\u17cb\u1782\u17d2\u179a\u1784\u1791\u17c5\u179b\u17be node \u1791\u17b6\u17c6\u1784\u17a2\u179f\u17cb\u1780\u17d2\u1793\u17bb\u1784 HyperFlex cluster\u17d4<\/p>\n<p>\u1780\u17c6\u17a0\u17bb\u179f\u1786\u17d2\u1782\u1784\u1780\u17d2\u1793\u17bb\u1784\u1780\u17b6\u179a\u1795\u17d2\u1791\u17c0\u1784\u1795\u17d2\u1791\u17b6\u178f\u17cb\u179f\u17b7\u1791\u17d2\u1792\u179a\u1794\u179f\u17cb\u17a2\u17d2\u1793\u1780\u1794\u17d2\u179a\u17be\u1794\u17d2\u179a\u17b6\u179f\u17cb\u1798\u17b7\u1793\u1782\u17d2\u179a\u1794\u17cb\u1782\u17d2\u179a\u17b6\u1793\u17cb (insufficient authentication control) \u178a\u17c2\u179b\u17a2\u17d2\u1793\u1780\u179c\u17b6\u1799\u200b\u1794\u17d2\u179a\u17a0\u17b6\u179a\u1792\u17d2\u179c\u17be\u1780\u17b6\u179a\u1797\u17d2\u1787\u17b6\u1794\u17cb\u1791\u17c5\u1780\u17b6\u1793\u17cb <em>hxterm<\/em> service \u1780\u17d2\u1793\u17bb\u1784\u179f\u17b7\u1791\u17d2\u1792\u17b7\u1787\u17b6\u17a2\u17d2\u1793\u1780\u1794\u17d2\u179a\u17be\u1794\u17d2\u179a\u17b6\u179f\u17cb\u1792\u1798\u17d2\u1798\u178f\u17b6 (non-privileged, local user)\u17d4 \u1780\u17b6\u179a\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u1787\u17c4\u1782\u1787\u17d0\u1799\u17a2\u17b6\u1785\u17b1\u17d2\u1799\u17a2\u17d2\u1793\u1780\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u1791\u1791\u17bd\u179b\u1794\u17b6\u1793\u1793\u17bc\u179c\u179f\u17b7\u1791\u17d2\u1792\u1787\u17b6\u17a2\u1797\u17b7\u1794\u17b6\u179b\u1780\u17d2\u1793\u17bb\u1784\u1780\u17b6\u179a\u1794\u17d2\u179a\u17be\u1794\u17d2\u179a\u17b6\u179f\u17cb\u1782\u17d2\u179a\u1794\u17cb Node \u1791\u17b6\u17c6\u1784\u17a2\u179f\u17cb\u1780\u17d2\u1793\u17bb\u1784 HyperFlex Cluster\u17d4<\/p>\n<p>CVE-2018-15380\u200b &#8211; \u1780\u17c6\u17a0\u17bb\u179f\u1786\u17d2\u1782\u1784\u1793\u17c5\u1780\u17d2\u1793\u17bb\u1784 cluster service manager \u179a\u1794\u179f\u17cb\u1780\u1798\u17d2\u1798\u179c\u17b7\u1792\u17b8 <strong>Cisco HyperFlex<\/strong> \u17a2\u17b6\u1785\u17a2\u1793\u17bb\u1789\u17d2\u1789\u17b6\u178f\u17b1\u17d2\u1799\u200b\u17a2\u17d2\u1793\u1780\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u179a\u17c6\u179b\u1784\u1780\u17b6\u179a\u1795\u17d2\u1791\u17c0\u1784\u1795\u17d2\u1791\u17b6\u178f\u17cb\u179f\u17b7\u1791\u17d2\u1792\u17b7 \u1792\u17d2\u179c\u17be\u1780\u17b6\u179a\u178a\u17c6\u178e\u17be\u179a\u1780\u17b6\u179a\u1796\u17b6\u1780\u17d2\u1799\u1794\u1789\u17d2\u1787\u17b6\u1780\u17d2\u1793\u17bb\u1784\u179f\u17b7\u1791\u17d2\u1792\u1787\u17b6\u17a2\u1797\u17b7\u1794\u17b6\u179b \u17d4<\/p>\n<p>\u1780\u17c6\u17a0\u17bb\u179f\u1786\u17d2\u1782\u1784\u178a\u17c4\u1799\u179f\u17b6\u179a\u178f\u17c2\u1798\u17b7\u1793\u1798\u17b6\u1793\u1780\u17b6\u179a\u1795\u17d2\u1791\u17c0\u1784\u1795\u17d2\u1791\u17b6\u178f\u17cb\u17b1\u17d2\u1799\u1794\u17b6\u1793\u178f\u17d2\u179a\u17b9\u1798\u178f\u17d2\u179a\u17bc\u179c\u1793\u17bc\u179c\u1796\u17b6\u1780\u17d2\u1799\u1794\u1789\u17d2\u1787\u17b6 (input validation) \u17a2\u17d2\u1793\u1780\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u1792\u17d2\u179c\u17be\u1780\u17b6\u179a\u1797\u17d2\u1787\u17b6\u1794\u17cb\u200b\u1791\u17c5\u1780\u17b6\u1793\u17cb cluster service manager \u1793\u17b7\u1784\u1794\u1789\u17d2\u1785\u17bc\u179b\u1796\u17b6\u1780\u17d2\u1799\u1794\u1789\u17d2\u1787\u17b6\u1785\u17bc\u179b\u1780\u17d2\u1793\u17bb\u1784 bound process\u17d4 \u1780\u17b6\u179a\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u1787\u17c4\u1782\u1787\u17d0\u1799\u17a2\u17b6\u1785\u17b1\u17d2\u1799\u200b\u17a2\u17d2\u1793\u1780\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u178a\u17c6\u178e\u17be\u179a\u1780\u17b6\u179a\u1796\u17b6\u1780\u17d2\u1799\u1794\u1789\u17d2\u1787\u17b6\u1793\u17c5\u179b\u17be\u1798\u17c9\u17b6\u179f\u17ca\u17b8\u1793\u1780\u17d2\u1793\u17bb\u1784\u179f\u17b7\u1791\u17d2\u1792\u1787\u17b6\u17a2\u1797\u17b7\u1794\u17b6\u179b\u17d4<\/p>\n<p>CVE-2019-1681 &#8211; \u1780\u17c6\u17a0\u17bb\u179f\u1786\u17d2\u1782\u1784\u1793\u17c5\u1780\u17d2\u1793\u17bb\u1784\u1780\u1798\u17d2\u1798\u179c\u17b7\u1792\u17b8 TFTP \u179a\u1794\u179f\u17cb\u1780\u1798\u17d2\u1798\u179c\u17b7\u1792\u17b8 <strong>Cisco Network Convergence System 1000 Series<\/strong> \u17a2\u17b6\u1785\u17a2\u1793\u17bb\u1789\u17d2\u1789\u17b6\u178f\u17b1\u17d2\u1799\u17a2\u17d2\u1793\u1780\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u1796\u17b8\u1785\u1798\u17d2\u1784\u17b6\u1799\u1792\u17d2\u179c\u17be\u1780\u17b6\u179a\u179a\u17c6\u179b\u1784\u1780\u17b6\u179a\u1795\u17d2\u1791\u17c0\u1784\u1795\u17d2\u1791\u17b6\u178f\u17cb\u179f\u17b7\u1791\u17d2\u1792\u17b7 \u17a0\u17be\u1799\u1791\u17b6\u1789\u1799\u1780\u17af\u1780\u179f\u17b6\u179a\u1782\u17d2\u179a\u1794\u17cb\u1782\u17d2\u179a\u1784\u1794\u17d2\u179a\u1796\u17d0\u1793\u17d2\u1792 (arbitrary file) \u1796\u17b8\u17a7\u1794\u1780\u179a\u178e\u17cd \u17a2\u17b6\u1785\u1793\u17b6\u17c6\u17b1\u17d2\u1799\u1798\u17b6\u1793\u1780\u17b6\u179a\u1794\u17c2\u1780\u1792\u17d2\u179b\u17b6\u1799\u1791\u17b7\u1793\u17d2\u1793\u17d0\u1799\u179f\u17c6\u1781\u17b6\u1793\u17cb\u17d4<\/p>\n<p>\u1780\u17c6\u17a0\u17bb\u179f\u1786\u17d2\u1782\u1784\u178a\u17c4\u1799\u179f\u17b6\u179a\u178f\u17c2\u1798\u17b7\u1793\u1798\u17b6\u1793\u1780\u17b6\u179a\u1795\u17d2\u1791\u17c0\u1784\u1795\u17d2\u1791\u17b6\u178f\u17cb\u17b1\u17d2\u1799\u1794\u17b6\u1793\u178f\u17d2\u179a\u17b9\u1798\u178f\u17d2\u179a\u17bc\u179c \u1793\u17bc\u179c\u1796\u17b6\u1780\u17d2\u1799\u1794\u1789\u17d2\u1787\u17b6\u179a\u1794\u179f\u17cb\u17a2\u17d2\u1793\u1780\u1794\u17d2\u179a\u17be\u1794\u17d2\u179a\u17b6\u179f\u17cb\u1791\u17c5\u1780\u17b6\u1793\u17cb\u1780\u1798\u17d2\u1798\u179c\u17b7\u1792\u17b8 TFTP \u178a\u17c2\u179b\u200b\u1798\u17b6\u1793\u1785\u17c6\u1793\u17bb\u1785\u1781\u17d2\u179f\u17c4\u1799\u17d4 \u17a2\u17d2\u1793\u1780\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u1792\u17d2\u179c\u17be\u1780\u17b6\u179a\u1794\u17c6\u1794\u17c2\u1780\u1785\u17c6\u1793\u17bb\u1785\u1781\u17d2\u179f\u17c4\u1799\u1793\u17c1\u17c7 \u178f\u17b6\u1798\u179a\u1799\u17c8\u179c\u17b7\u1792\u17b8\u179f\u17b6\u179f\u17d2\u178f\u17d2\u179a\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a directory traversal \u178a\u17c4\u1799\u1797\u17d2\u1787\u17b6\u1794\u17cb\u1787\u17b6\u1798\u17bd\u1799\u1780\u17bc\u178a\u1798\u17c1\u179a\u17c4\u1782\u1791\u17c5\u1780\u17b6\u1793\u17cb\u1780\u1798\u17d2\u1798\u179c\u1792\u17b8 TFTP\u17d4 \u1780\u17b6\u179a\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u1787\u17c4\u1782\u1787\u17d0\u1799\u17a2\u1793\u17bb\u1789\u17d2\u1789\u17b6\u178f\u17b1\u17d2\u1799\u17a2\u17d2\u1793\u1780\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u1791\u17b6\u1789\u1799\u1780\u17af\u1780\u179f\u17b6\u179a\u200b\u1782\u17d2\u179a\u1794\u17cb\u1782\u17d2\u179a\u1784\u1794\u17d2\u179a\u1796\u17d0\u1793\u17d2\u1792 (arbitrary file) \u1796\u17b8\u17a7\u1794\u1780\u179a\u178e\u17cd \u17a2\u17b6\u1785\u1793\u17b6\u17c6\u17b1\u17d2\u1799\u1798\u17b6\u1793\u1780\u17b6\u179a\u1794\u17b6\u178f\u17cb\u1794\u1784\u17cb\u1791\u17b7\u1793\u17d2\u1793\u1793\u17d0\u1799\u179f\u17c6\u1781\u17b6\u1793\u17cb\u17d4<\/p>\n<p>CVE-2019-1662 &#8211; \u1780\u17c6\u17a0\u17bb\u179f\u1786\u17d2\u1782\u1784\u1793\u17c5\u1780\u17d2\u1793\u17bb\u1784\u1780\u1798\u17d2\u1798\u179c\u17b7\u1792\u17b8\u1793\u17c3 Quality of Voice Reporting (QOVR) service \u1793\u17c3\u1780\u1798\u17d2\u1798\u179c\u17b7\u1792\u17b8 <strong>Cisco Prime Collaboration Assurance (PCA)<\/strong> \u17a2\u17b6\u1785\u17a2\u1793\u17bb\u1789\u17d2\u1789\u17b6\u178f\u17b1\u17d2\u1799\u17a2\u17d2\u1793\u1780\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u1796\u17b8\u1785\u1798\u17d2\u1784\u17b6\u1799\u1792\u17d2\u179c\u17be\u1780\u17b6\u179a\u179a\u17c6\u179b\u1784\u1780\u17b6\u179a\u1795\u17d2\u1791\u17c0\u1784\u1795\u17d2\u1791\u17b6\u178f\u17cb\u179f\u17b7\u1791\u17d2\u1792\u17b7\u200b\u1785\u17bc\u179b\u1794\u17d2\u179a\u17be\u1794\u17d2\u179a\u1796\u17d0\u1793\u17d2\u1792\u1794\u17b6\u1793\u17d4<\/p>\n<p>\u1780\u17c6\u17a0\u17bb\u179f\u1786\u17d2\u1782\u1784\u178a\u17c4\u1799\u179f\u17b6\u179a\u1780\u17b6\u179a\u1795\u17d2\u1791\u17c0\u1784\u1795\u17d2\u1791\u17b6\u178f\u17cb\u179f\u17b7\u1791\u17d2\u1792\u179a\u1794\u179f\u17cb\u17a2\u17d2\u1793\u1780\u1794\u17d2\u179a\u17be\u1794\u17d2\u179a\u17b6\u179f\u17cb\u1798\u17b7\u1793\u1782\u17d2\u179a\u1794\u17cb\u1782\u17d2\u179a\u17b6\u1793\u17cb (insufficient authentication control)\u17d4 \u17a2\u17d2\u1793\u1780\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u1792\u17d2\u179c\u17be\u1780\u17b6\u179a\u17a2\u17b6\u1780\u17cb\u179f\u17c1\u179f\u179f\u17c1\u179c\u17b6\u1780\u1798\u17d2\u1798 QOVR \u178a\u17c4\u1799\u1794\u17d2\u179a\u17be\u1794\u17d2\u179a\u17b6\u179f\u17cb\u178f\u17d2\u179a\u17b9\u1798\u178f\u17c2\u1788\u17d2\u1798\u17c4\u17c7 (valid username)\u17d4 \u1780\u17b6\u179a\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u200b\u1787\u17c4\u1782\u1787\u17d0\u1799\u17a2\u1793\u17bb\u1789\u17d2\u1789\u17b6\u178f\u17b1\u17d2\u1799\u17a2\u17d2\u1793\u1780\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u178a\u17c6\u178e\u17be\u179a\u1780\u17b6\u179a\u179f\u17b7\u1791\u17d2\u1792\u1796\u17c1\u1789\u179b\u17c1\u1789\u1787\u17b6\u1788\u17d2\u1798\u17c4\u17c7\u1782\u178e\u1793\u17b8\u178a\u17c2\u179b\u1794\u17b6\u1793\u1792\u17d2\u179c\u17be\u1780\u17b6\u179a\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u17d4<\/p>\n<p>CVE-2019-1659 &#8211; \u1780\u17c6\u17a0\u17bb\u179f\u1786\u17d2\u1782\u1784\u1793\u17c5\u1780\u17d2\u1793\u17bb\u1784\u1798\u17bb\u1781\u1784\u17b6\u179a Identity Services Engine (ISE) integration \u1793\u17c3\u1780\u1798\u17d2\u1798\u179c\u17b7\u1792\u17b8 Cisco Prime Infrastructure (PI) \u17a2\u17b6\u1785\u17a2\u1793\u17bb\u1789\u17d2\u1789\u17b6\u178f\u17b1\u17d2\u1799\u17a2\u17d2\u1793\u1780\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u1796\u17b8\u1785\u1798\u17d2\u1784\u17b6\u1799\u1792\u17d2\u179c\u17be\u1780\u17b6\u179a\u179a\u17c6\u179b\u1784\u1780\u17b6\u179a\u1795\u17d2\u1791\u17c0\u1784\u1795\u17d2\u1791\u17b6\u178f\u17cb\u179f\u17b7\u1791\u17d2\u1792\u17b7 \u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u178a\u17c4\u1799\u179c\u17b7\u1792\u17b8\u179f\u17b6\u179f\u17d2\u178f\u17d2\u179a <a href=\"https:\/\/www.camcert.gov.kh\/understand-and-protect-from-man-in-the-middle-attack\/\"><strong>man-in-the-middle<\/strong><\/a> \u1791\u17c5\u179b\u17be\u179f\u17bb\u179c\u178f\u17d2\u1790\u17b7\u1797\u17b6\u1796 Secure Sockets Layer (SSL) \u179f\u1798\u17d2\u179a\u17b6\u1794\u17cb\u1780\u17b6\u179a\u1796\u17b6\u179a\u1780\u17b6\u179a\u1797\u17d2\u1787\u17b6\u1794\u17cb\u179a\u179c\u17b6\u1784 ISE \u1793\u17b7\u1784 PI \u17d4<\/p>\n<p>\u1780\u17c6\u17a0\u17bb\u179f\u1786\u17d2\u1782\u1784\u178a\u17c4\u1799\u179f\u17b6\u179a\u178f\u17c2\u1798\u17b7\u1793\u1794\u17b6\u1793\u1795\u17d2\u1791\u17c0\u1784\u1795\u17d2\u1791\u17b6\u178f\u17cb\u178f\u17d2\u179a\u17b9\u1798\u178f\u17d2\u179a\u17bc\u179c\u1793\u17c3\u179c\u17b7\u1789\u17d2\u1789\u17b6\u1794\u1793\u1794\u178f\u17d2\u179a SSL \u179a\u1794\u179f\u17cb\u1798\u17c9\u17b6\u179f\u17ca\u17b8\u1793\u1780\u17bb\u17c6\u1796\u17d2\u1799\u17bc\u1791\u17d0\u179a\u1798\u17c1 \u1793\u17c5\u1796\u17c1\u179b\u178a\u17c2\u179b\u1798\u17b6\u1793\u178a\u17c6\u178e\u17be\u179a\u1780\u17b6\u179a SSL \u1793\u17c5\u1780\u17d2\u1793\u17bb\u1784 ISE \u17a2\u17d2\u1793\u1780\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u17a2\u17b6\u1785\u1780\u17c2\u1794\u17d2\u179a\u17c2\u179c\u17b7\u1789\u17d2\u1789\u17b6\u1794\u1793\u1794\u17d0\u178f\u17d2\u179a SSL \u17a0\u17be\u1799\u1792\u17d2\u179c\u17be\u1780\u17b6\u179a\u179b\u17bd\u1785\u178f\u17b6\u1798\u178a\u17b6\u1793\u178f\u17d2\u179a\u17b6\u17a0\u17d2\u179c\u17b7\u1785\u179a\u179c\u17b6\u1784 ISE \u1793\u17b7\u1784 PI \u17d4 \u1780\u17b6\u179a\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u1787\u17c4\u1782\u1787\u17d0\u1799\u17a2\u1793\u17bb\u1789\u17d2\u1789\u17b6\u178f\u17b1\u17d2\u1799\u17a2\u17d2\u1793\u1780\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u17a2\u17b6\u1785\u1780\u17c2\u1794\u17d2\u179a\u17c2\u1791\u17b7\u1793\u17d2\u1793\u1793\u17d0\u1799\u179f\u17c6\u1781\u17b6\u1793\u17cb\u1793\u17c5\u179b\u17be ISE \u178a\u17c2\u179b\u1798\u17b6\u1793\u178f\u17bd\u1793\u17b6\u1791\u17b8\u1780\u178f\u17cb\u178f\u17d2\u179a\u17b6\u1796\u17d0\u178f\u17cc\u1798\u17b6\u1793\u200b\u179a\u1794\u179f\u17cb\u1798\u17c9\u17b6\u179f\u17ca\u17b8\u1793 Client \u1797\u17d2\u1787\u17b6\u1794\u17cb\u1791\u17c5\u1780\u17b6\u1793\u17cb\u1794\u17d2\u179a\u1796\u17d0\u1793\u17d2\u1792\u1794\u178e\u17d2\u178f\u17b6\u1789 (Network)\u17d4<\/p>\n<p>CVE-2019-5736 &#8211; \u1780\u17c6\u17a0\u17bb\u179f\u1786\u17d2\u1782\u1784\u1793\u17c5\u1780\u17d2\u1793\u17bb\u1784\u1780\u1798\u17d2\u1798\u179c\u17b7\u1792\u17b8 OpenContainer run CLI \u178a\u17c2\u179b\u1794\u17d2\u179a\u17be\u178a\u17c4\u1799\u1795\u179b\u17b7\u178f\u1795\u179b\u179a\u1794\u179f\u17cb Cisco \u1787\u17b6\u1785\u17d2\u179a\u17be\u1793 \u17a2\u17b6\u1785\u17a2\u1793\u17bb\u1789\u17d2\u1789\u17b6\u178f\u17b1\u17d2\u1799\u17a2\u17d2\u1793\u1780\u179c\u17b6\u1799\u1794\u17d2\u179a\u17a0\u17b6\u179a\u1796\u17b8\u1785\u1798\u17d2\u1784\u17b6\u1799\u179a\u17c6\u179b\u1784\u1780\u17b6\u179a\u1795\u17d2\u1791\u17c0\u1784\u1795\u17d2\u1791\u17b6\u178f\u17cb\u179f\u17b7\u1791\u17d2\u1792\u17b7 \u17a0\u17be\u1799\u1787\u17d2\u179a\u17c0\u178f\u1785\u17bc\u179b\u1791\u17c5\u1780\u17d2\u1793\u17bb\u1784\u1794\u17d2\u179a\u1796\u17d0\u1793\u17d2\u1792\u178a\u17be\u1798\u17d2\u1794\u17b8\u1791\u17b6\u1789\u1799\u1780\u179f\u17b7\u1791\u17d2\u1792\u17b7\u1795\u17d2\u179f\u17c1\u1784\u17d7 \u1791\u17c0\u178f\u17d4<\/p>\n<p><strong>\u17e4. \u1780\u17b6\u179a\u178e\u17c2\u1793\u17b6\u17c6<\/strong><\/p>\n<p>\u1780\u17b6\u179a\u17b7\u1799\u17b6\u179b\u17d0\u1799 CamCERT \u179f\u17bc\u1798\u1792\u17d2\u179c\u17be\u1780\u17b6\u179a\u178e\u17c2\u1793\u17b6\u17c6\u178a\u179b\u17cb\u17a2\u1797\u17b7\u1794\u17b6\u179b\u1782\u17d2\u179a\u1794\u17cb\u1782\u17d2\u179a\u1784\u1794\u17d2\u179a\u1796\u17d0\u1793\u17d2\u1792 \u1793\u17b7\u1784\u17a2\u17d2\u1793\u1780\u1794\u17d2\u179a\u17be\u1794\u17d2\u179a\u17b6\u179f\u17cb\u1792\u17d2\u179c\u17be\u1780\u17b6\u179a\u17a2\u17b6\u1794\u17cb\u178a\u17c1\u178f\u1791\u17c5\u179b\u17be\u1780\u1798\u17d2\u1798\u179c\u17b7\u1792\u17b8\u200b\u1781\u17b6\u1784\u179b\u17be\u1787\u17b6 \u1794\u1793\u17d2\u1791\u17b6\u1793\u17cb (\u1798\u1780\u1780\u17b6\u1793\u17cb\u1787\u17c6\u1793\u17b6\u1793\u17cb\u1785\u17bb\u1784\u1780\u17d2\u179a\u17c4\u1799) \u17d4<\/p>\n<p><strong>\u17e5. \u179c\u17c1\u1794\u179f\u17b6\u1799\u1796\u17b6\u1780\u17cb\u1796\u17d0\u1793\u17d2\u1792<\/strong><\/p>\n<ul>\n<li>https:\/\/tools.cisco.com\/security\/center\/publicationListing.x<\/li>\n<\/ul>\n"},"excerpt":{"rendered":"<p>\u17e1. \u1796\u17d0\u178f\u17cc\u1798\u17b6\u1793\u1791\u17bc\u1791\u17c5 \u1793\u17b6\u1790\u17d2\u1784\u17c3\u1791\u17b8\u17e2\u17e0 \u1781\u17c2\u1780\u17bb\u1798\u17d2\u1797\u17c7 \u1786\u17d2\u1793\u17b6\u17c6\u17e2\u17e0\u17e1\u17e9 \u1780\u17d2\u179a\u17bb\u1798\u17a0\u17ca\u17bb\u1793 Cisco \u1794\u17b6\u1793\u1794\u1789\u17d2\u1785\u17c1\u1789\u1793\u17bc\u179c\u1780\u1798\u17d2\u1798\u179c\u17b7\u1792\u17b8\u1787\u17bd\u179f\u1787\u17bb\u179b (patches) \u1791\u17c5\u179b\u17be\u1780\u17c6\u17a0\u17bb\u179f\u1786\u17d2\u1782\u1784\u1785\u17c6\u1793\u17bd\u1793 \u17e1\u17e7 \u178f\u17d2\u179a\u17bc\u179c\u1794\u17b6\u1793\u179a\u1780\u1783\u17be\u1789\u1793\u17c5\u1780\u17d2\u1793\u17bb\u1784\u1795\u179b\u17b7\u178f\u1795\u179b\u179a\u1794\u179f\u17cb\u1781\u17d2\u179b\u17bd\u1793 \u178a\u17c2\u179b\u1780\u17d2\u1793\u17bb\u1784\u1793\u17c4\u17c7\u1798\u17b6\u1793\u1780\u17c6\u17a0\u17bb\u179f\u1786\u17d2\u1782\u1784\u1785\u17c6\u1793\u17bd\u1793 \u17e1\u17e1 \u1780\u1798\u17d2\u179a\u17b7\u178f\u1798\u1792\u17d2\u1799\u1798 (Medium) \u1793\u17b7\u1784\u1785\u17c6\u1793\u17bd\u1793 \u17e0\u17e6\u200b \u1792\u17d2\u1784\u1793\u17cb\u1792\u17d2\u1784\u179a (High) \u17d4 \u179c\u17b6\u178f\u17d2\u179a\u17bc\u179c\u1794\u17b6\u1793\u1782\u17c1\u1780\u178f\u17cb\u178f\u17d2\u179a\u17b6\u1787\u17b6\u179b\u17c1\u1781\u1780\u17bc\u178a\u00a0\u00a0CVE-2019-1664, CVE-2018-15380, CVE-2019-1681, CVE-2019-1662, CVE-2019-1659 \u1793\u17b7\u1784 CVE-2019-5736\u17d4 \u17e2. \u1795\u179b\u17b7\u178f\u1795\u179b\u1794\u17c9\u17c8\u1796\u17b6\u179b\u17cb Cisco HyperFlex Software \u1787\u17c6\u1793\u17b6\u1793\u17cb\u00a0(\u1780\u17c6\u178e\u17c2) 3.5 \u1793\u17b9\u1784\u1798\u17bb\u1793\u1793\u17c1\u17c7 Cisco Network Convergence System \u1787\u17c6\u1793\u17b6\u1793\u17cb\u00a0(\u1780\u17c6\u178e\u17c2) 3.5 \u1793\u17b9\u1784\u1798\u17bb\u1793\u1793\u17c1\u17c7 Cisco Network Convergence System 1000 Series \u1787\u17c6\u1793\u17b6\u1793\u17cb\u00a0(\u1780\u17c6\u178e\u17c2) 6.5.2 \u1793\u17b9\u1784\u1798\u17bb\u1793\u1793\u17c1\u17c7 Cisco Prime Collaboration [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3020,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[274,9],"tags":[286,288,287],"class_list":["post-3871","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-274","category-security-alert","tag-cisco-security","tag-cisco-security-alerts","tag-cisco-security-cisco-security-advisories"],"_links":{"self":[{"href":"https:\/\/www.camcert.gov.kh\/en\/wp-json\/wp\/v2\/posts\/3871","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.camcert.gov.kh\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.camcert.gov.kh\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.camcert.gov.kh\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.camcert.gov.kh\/en\/wp-json\/wp\/v2\/comments?post=3871"}],"version-history":[{"count":3,"href":"https:\/\/www.camcert.gov.kh\/en\/wp-json\/wp\/v2\/posts\/3871\/revisions"}],"predecessor-version":[{"id":3874,"href":"https:\/\/www.camcert.gov.kh\/en\/wp-json\/wp\/v2\/posts\/3871\/revisions\/3874"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.camcert.gov.kh\/en\/wp-json\/wp\/v2\/media\/3020"}],"wp:attachment":[{"href":"https:\/\/www.camcert.gov.kh\/en\/wp-json\/wp\/v2\/media?parent=3871"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.camcert.gov.kh\/en\/wp-json\/wp\/v2\/categories?post=3871"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.camcert.gov.kh\/en\/wp-json\/wp\/v2\/tags?post=3871"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}