Ciscoが「Log4Shell」の調査を終了、65製品に影響 - 大半が年内にリリース予定

「Apache Log4j」に関しては、「CVE-2021-44228」「CVE-2021-45046」の修正版としてリリースされた「Apache Log4j 2.16.0」に関しても、あらたに「CVE-2021-45105」が判明、急遽「同2.17.0」がリリースされている。同社では、同脆弱性の影響についても引き続き調査を進めていく方針。

脆弱性「CVE-2021-44228」「CVE-2021-45046」の影響を受ける製品は以下のとおり。

Cisco Webex Meetings Server
Cisco CX Cloud Agent Software
Cisco Call Studio
Cisco Nexus Insights
Cisco Firepower Threat Defense managed by Firepower Device Manager
Cisco Identity Services Engine
Cisco Application Policy Infrastructure Controller - Network Insights Base App
Cisco Automated Subsea Tuning
Cisco Business Process Automation
Cisco CloudCenter Cost Optimizer
Cisco CloudCenter Suite Admin
Cisco CloudCenter Workload Manager
Cisco CloudCenter
Cisco Common Services Platform Collector
Cisco Crosswork Data Gateway
Cisco Crosswork Network Controller
Cisco Crosswork Optimization Engine
Cisco Crosswork Platform Infrastructure
Cisco Crosswork Situation Manager
Cisco Crosswork Zero Touch Provisioning
Cisco Cyber Vision Sensor Management Extension
Cisco DNA Spaces Connector
Cisco Data Center Network Manager
Cisco Evolved Programmable Network Manager
Cisco Intersight Virtual Appliance
Cisco Network Services Orchestrator
Cisco Nexus Dashboard, formerly Cisco Application Services Engine
Cisco Prime Service Catalog
Cisco Smart PHY
Cisco Virtual Topology System
Cisco Virtualized Infrastructure Manager
Cisco WAN Automation Engine
Cisco DNA Center
Cisco IOx Fog Director
Cisco Network Assurance Engine
Cisco Network Convergence System 1004
Cisco Optical Network Controller
Cisco SD-WAN vManage
Cisco Integrated Management Controller Supervisor
Cisco UCS Central Software
Cisco UCS Director
Cisco Workload Optimization Manager
Cisco BroadWorks
Cisco Cloud Connect
Cisco Contact Center Domain Manager
Cisco Contact Center Management Portal
Cisco Emergency Responder
Cisco Enterprise Chat and Email
Cisco Finesse
Cisco Packaged Contact Center Enterprise
Cisco Paging Server
Cisco Unified Communications Manager
Cisco Unified Communications Manager Session Management Edition
Cisco Unified Communications Manager IM &Presence Service
Cisco Unified Contact Center Enterprise
Cisco Unified Contact Center Enterprise - Live Data server
Cisco Unified Contact Center Express
Cisco Unified Customer Voice Portal
Cisco Unified Intelligence Center
Cisco Unified SIP Proxy Software
Cisco Unity Connection
Cisco Virtualized Voice Browser
Cisco Webex Workforce Optimization
Cisco Video Surveillance Operations Manager
Cisco Connected Mobile Experiences

（Security NEXT - 2021/12/21 ） ツイート

PR

関連記事

推論サーバ「NVIDIA Triton Inference Server」に複数脆弱性
「Firefox 151」がリリース - 脆弱性31件に対応
「Drupal」が緊急更新を予定 - 数時間で脆弱性悪用の可能性
F5が四半期アドバイザリ、「BIG-IP」関連に多数脆弱性
LLMアプリ開発基盤「Dify」に複数のクリティカル脆弱性
「Apache Flink」にコードインジェクションの脆弱性 - 重要度「クリティカル」
「MongoDB」に深刻な脆弱性 - 早急な対応を強く推奨
WPS Office旧脆弱性、2020年以降の製品などにも影響
Ivanti、5月の月例アップデートを公開 - 「クリティカル」脆弱性も
「MS Edge」にセキュリティ更新 - 独自含む脆弱性76件を修正