Afar baylah ah ayaa lagu aqoonsaday Cisco Small Business switches taxane ah oo u oggolaanaya weeraryahan fog oo aan la hubin inuu si buuxda u galo aaladda leh xuquuqda xididka. Si looga faa'ideysto dhibaatooyinka, weeraryahanku waa inuu awood u leeyahay inuu u soo diro codsiyada dekedda shabakadda ee bixisa interface interface. Dhibaatooyinka waxaa loo qoondeeyay heer halis ah oo halis ah (4 marka loo eego 9.8). Tusaalaha ka faa'iidaysiga shaqada ayaa la sheegay in la heli karo.
Nuglaanta la aqoonsaday (CVE-2023-20159, CVE-2023-20160, CVE-2023-20161, CVE-2023-20189) waxaa sababa khaladaad marka ay la shaqeynayaan xusuusta gacan-qabayaal kala duwan oo laga heli karo marxaladda aqoonsiga ka hor. Nuglaanta waxay keentaa qulqul xad dhaaf ah marka la habeeyo xogta dibadda ee si gaar ah loo habeeyay. Intaa waxaa dheer, afar dayacan oo khatartoodu yar tahay (CVE-2023-20024, CVE-2023-20156, CVE-2023-20157, CVE-2023-20158) ayaa lagu aqoonsaday taxanaha ganacsiga yar yar ee Cisco oo u oggolaanaya diidmada fog ee adeegga, iyo hal nuglaanta (CVE-2023-20162), taas oo ka dhigaysa in la helo macluumaadka habaynta qalabka iyada oo aan la xaqiijin.
Nuglaanta waxay saamaysaa Smart Switch 250, 350, 350X, 550X, Business 250 iyo Business 350 series, iyo sidoo kale ganacsiga yaryar ee 200, 300 iyo 500. Taxanaha 220 iyo Business 220 ma saameeyaan dayacanka. Dhibaatooyinka waxaa lagu hagaajiyay cusbooneysiinta firmware 2.5.9.16 iyo 3.3.0.16. Taxanaha Ganacsiga Yaryar 200, 300 iyo 500, casriyeynta firmware lama soo saari doono, maadaama meertada nolosha ee moodooyinkan hore loo dhameeyay.
Source: opennet.ru