{"id":235971,"date":"2020-09-25T11:52:12","date_gmt":"2020-09-25T09:52:12","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=235971"},"modified":"2023-06-02T08:37:42","modified_gmt":"2023-06-02T06:37:42","slug":"sicherheitspatches-fr-cisco-ios-und-ios-xe-sept-2020","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2020\/09\/25\/sicherheitspatches-fr-cisco-ios-und-ios-xe-sept-2020\/","title":{"rendered":"Sicherheitspatches f&uuml;r Cisco IOS und IOS XE (Sept. 2020)"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" height=\"47\" align=\"left\" \/>[<a href=\"https:\/\/borncity.com\/win\/2020\/09\/25\/sicherheitspatches-fr-cisco-ios-und-ios-xe-sept-2020\/\" target=\"_blank\" rel=\"noopener noreferrer\">English<\/a>]Cisco hat kritische Sicherheitsupdates f\u00fcr seine Netzwerkbetriebssysteme IOS und IOS XE freigegeben. Die Updates schlie\u00dfen insgesamt 24 als kritisch eingestufte Sicherheitsl\u00fccken in den Produkten. Es sollte also zeitnah gepatcht werden.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg07.met.vgwort.de\/na\/a2ff54517e7c453f8fb6b01086dca0c0\" alt=\"\" width=\"1\" height=\"1\" \/>Die Informationen hat Cisco am 24. Sept. 2020 im halbj\u00e4hrlichen Sicherheits-Bulletin <a href=\"https:\/\/tools.cisco.com\/security\/center\/viewErp.x?alertId=ERP-74268\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco Event Response: September 2020 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication<\/a> ver\u00f6ffentlicht. Cisco ver\u00f6ffentlicht am vierten Mittwoch des Monats im M\u00e4rz und September eines jeden Kalenderjahres Cisco geb\u00fcndelte IOS- und IOS XE-Software-Sicherheitshinweise.<\/p>\n<h2>34 Schwachstellen geschlossen<\/h2>\n<p>Die am 24. September 2020 ver\u00f6ffentlichte Cisco IOS und IOS XE Software Security Advisory Bundled Publication enth\u00e4lt 25 Cisco Security Advisories, die 34 Schwachstellen in Cisco IOS Software und Cisco IOS XE Software beschreiben. Von diesen Schwachstellen haben 25 ein als Hoch eingestuftes Security Impact Rating (SIR).<\/p>\n<p>Cisco hat Software-Updates ver\u00f6ffentlicht, die diese Schwachstellen beheben. Um schnell festzustellen, ob eine bestimmte Version der Cisco IOS- oder IOS XE-Software von einer oder mehreren Schwachstellen betroffen ist, k\u00f6nnen Kunden den <a href=\"https:\/\/tools.cisco.com\/security\/center\/softwarechecker.x\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco Software Checker<\/a> verwenden.<\/p>\n<ul>\n<li>cisco-sa-iosxe-isdn-q931-dos-67eUZBTf, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-iosxe-isdn-q931-dos-67eUZBTf\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS and IOS XE Software ISDN Q.931 Denial of Service Vulnerability<\/a>, CVE-2020-3511, High 7.4<\/li>\n<li>cisco-sa-profinet-J9QMCHPB, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-profinet-J9QMCHPB\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability<\/a>, CVE-2020-3409, High 7.4<\/li>\n<li>cisco-sa-ios-profinet-dos-65qYG3W5, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-ios-profinet-dos-65qYG3W5\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability<\/a>, CVE-2020-3512 , High 7.4<\/li>\n<li>cisco-sa-splitdns-SPWqpdGW, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-splitdns-SPWqpdGW\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS and IOS XE Software Split DNS Denial of Service Vulnerability<\/a>, CVE-2020-3408, High 8.6<\/li>\n<li>cisco-sa-ios-lpwa-access-cXsD7PRA, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-ios-lpwa-access-cXsD7PRA\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS Software for Cisco Industrial Routers Virtual-LPWA Unauthorized Access Vulnerability<\/a>, CVE-2020-3426, High 7.5<\/li>\n<li>cisco-sa-xbace-OnCEbyS, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-xbace-OnCEbyS\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Software Arbitrary Code Execution Vulnerability<\/a>, CVE-2020-3417, High 6.8<\/li>\n<li>cisco-sa-COPS-VLD-MpbTvGEW, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-COPS-VLD-MpbTvGEW\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Software Common Open Policy Service Engine Denial of Service Vulnerability<\/a>, CVE-2020-3526, High 8.6<\/li>\n<li>cisco-sa-le-drTOB625, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-le-drTOB625\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Software Ethernet Frame Denial of Service Vulnerability<\/a>, CVE-2020-3465, High 7.4<\/li>\n<li>cisco-sa-iosxe-umbrella-dos-t2QMUX37, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-iosxe-umbrella-dos-t2QMUX37\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Software for Catalyst 9200 Series Switches Umbrella Connector Denial of Service Vulnerability<\/a>, CVE-2020-3510, High 8.6<\/li>\n<li>cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service Vulnerability<\/a>, CVE-2020-3492, High 8.6<\/li>\n<li>cisco-sa-mdns-dos-3tH6cA9J, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-mdns-dos-3tH6cA9J\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers Multicast DNS Denial of Service Vulnerability<\/a>, CVE-2020-3359, High 8.6<\/li>\n<li>cisco-sa-ISR4461-gKKUROhx, <a href=\"https:\/\/web.archive.org\/web\/20210422133453\/https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-ISR4461-gKKUROhx\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Software for Cisco 4461 Integrated Services Routers Denial of Service Vulnerability<\/a>, CVE-2020-3414, High 8.6<\/li>\n<li>cisco-sa-esp20-arp-dos-GvHVggqJ, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-esp20-arp-dos-GvHVggqJ\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Software for Cisco ASR 1000 Series 20-Gbps Embedded Services Processor IP ARP Denial of Service Vulnerability<\/a>, CVE-2020-3508, High 7.4<\/li>\n<li>cisco-sa-iosxe-rsp3-rce-jVHg8Z7c, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-iosxe-rsp3-rce-jVHg8Z7c\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Software for Cisco ASR 900 Series Route Switch Processor 3 Arbitrary Code Execution Vulnerabilities<\/a>, CVE-2020-3416, CVE-2020-3513, High 6.7<\/li>\n<li>cisco-sa-iosxe-dhcp-dos-JSCKX43h, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-iosxe-dhcp-dos-JSCKX43h\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers DHCP Denial of Service Vulnerability<\/a>, CVE-2020-3509, High 8.6<\/li>\n<li>cisco-sa-ipsla-jw2DJmSv, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-ipsla-jw2DJmSv\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Software IP Service Level Agreements Denial of Service Vulnerability<\/a>, CVE-2020-3422, High 8.6<\/li>\n<li>cisco-sa-ios-webui-priv-esc-K8zvEWM, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-ios-webui-priv-esc-K8zvEWM\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Software Privilege Escalation Vulnerabilities<\/a>, CVE-2020-3141, CVE-2020-3425, High 8.8<\/li>\n<li>cisco-sa-confacl-HbPtfSuO, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-confacl-HbPtfSuO\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Software RESTCONF and NETCONF-YANG Access Control List Denial of Service Vulnerability<\/a>, CVE-2020-3407, High 8.6<\/li>\n<li>cisco-sa-webui-auth-bypass-6j2BYUc7, <a href=\"https:\/\/web.archive.org\/web\/20220528085355\/https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-webui-auth-bypass-6j2BYUc7\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Software Web UI Authorization Bypass Vulnerability<\/a>. CVE-2020-3400, High 8.8<\/li>\n<li>cisco-sa-zbfw-94ckG4G, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-zbfw-94ckG4G\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Software Zone-Based Firewall Denial of Service Vulnerabilities<\/a>, CVE-2020-3421, CVE-2020-3480, High 8.6<\/li>\n<li>cisco-sa-capwap-dos-TPdNTdyq, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-capwap-dos-TPdNTdyq\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerabilities<\/a>, CVE-2020-3486, CVE-2020-3487, CVE-2020-3488, CVE-2020-3489, CVE-2020-3493, CVE-2020-3494, CVE-2020-3497, High 7.4<\/li>\n<li>cisco-sa-capwap-dos-ShFzXf, <a href=\"https:\/\/web.archive.org\/web\/20220603144447\/https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-capwap-dos-ShFzXf\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability<\/a>, CVE-2020-3399, High 8.6<\/li>\n<li>cisco-sa-iosxe-ewlc-snmp-dos-wNkedg9K, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-iosxe-ewlc-snmp-dos-wNkedg9K\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability<\/a>, CVE-2020-3390, High 7.4<\/li>\n<li>cisco-sa-dclass-dos-VKh9D8k3, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-dclass-dos-VKh9D8k3\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family WLAN Local Profiling Denial of Service Vulnerability<\/a>, CVE-2020-3428, High 7.4<\/li>\n<li>cisco-sa-wpa-dos-cXshjerc, <a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-wpa-dos-cXshjerc\" target=\"_blank\" rel=\"noopener noreferrer\">Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family WPA Denial of Service Vulnerability<\/a>, CVE-2020-3429, High 7.4<\/li>\n<\/ul>\n<p>Details sind den jeweils verlinkten Dokumenten mit den Sicherheitshinweisen zu entnehmen. Die Wochenend-Schicht f\u00fcr Administratoren von Cisco-Systemen ist also gerettet. (<a href=\"https:\/\/www.heise.de\/news\/Security-Updatepaket-fuer-Ciscos-Netzwerkbetriebssysteme-IOS-und-IOS-XE-4912352.html\" target=\"_blank\" rel=\"noopener noreferrer\">via<\/a>)<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[English]Cisco hat kritische Sicherheitsupdates f\u00fcr seine Netzwerkbetriebssysteme IOS und IOS XE freigegeben. Die Updates schlie\u00dfen insgesamt 24 als kritisch eingestufte Sicherheitsl\u00fccken in den Produkten. Es sollte also zeitnah gepatcht werden.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426],"tags":[3218,3081,4328],"class_list":["post-235971","post","type-post","status-publish","format-standard","hentry","category-sicherheit","tag-cisco","tag-geraete","tag-sicherheit"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/235971","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=235971"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/235971\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=235971"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=235971"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=235971"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}