{"id":3215,"date":"2024-07-03T16:44:45","date_gmt":"2024-07-03T08:44:45","guid":{"rendered":"https:\/\/blog.billows.com.tw\/?p=3215"},"modified":"2024-07-03T16:44:46","modified_gmt":"2024-07-03T08:44:46","slug":"%e4%b8%ad%e5%9c%8bapt%e9%a7%ad%e5%ae%a2%e7%b5%84%e7%b9%94velvet-ant%e5%88%a9%e7%94%a8cisco-nexus%e8%a8%ad%e5%82%99%e7%9a%84%e9%9b%b6%e6%99%82%e5%b7%ae%e6%bc%8f%e6%b4%9e%ef%bc%8c%e5%82%b3%e6%92%ad","status":"publish","type":"post","link":"https:\/\/blog.billows.com.tw\/?p=3215","title":{"rendered":"\u4e2d\u570bAPT\u99ed\u5ba2\u7d44\u7e54Velvet Ant\u5229\u7528Cisco Nexus\u8a2d\u5099\u7684\u96f6\u6642\u5dee\u6f0f\u6d1e\uff0c\u50b3\u64ad\u60e1\u610f\u8edf\u9ad4 !"},"content":{"rendered":"\n
\"\"
Photo Credit: TheHackerNews<\/figcaption><\/figure>\n\n\n\n

\u6839\u64da\u570b\u5916\u8cc7\u5b89\u5a92\u9ad4TheHackerNews\u7684\u5831\u9053<\/a>\uff0c\u540d\u70baVelvet Ant\u7684\u4e2d\u570bAPT\u99ed\u5ba2\u7d44\u7e54\u5229\u7528Cisco\u4ea4\u63db\u6a5f\u4e2dNX-OS\u8edf\u9ad4\u7684\u96f6\u6642\u5dee\u6f0f\u6d1e\uff0c\u7de8\u865f\u70baCVS-2024-20399 (CVSS\u8a55\u5206: 6.0) \u7684\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\uff0c\u5141\u8a31\u7d93\u904e\u9a57\u8b49\u7684\u653b\u64ca\u8005\u4ee5root\u8eab\u4efd\uff0c\u5728\u53d7\u5f71\u97ff\u8a2d\u5099\u7684\u5e95\u5c64\u4f5c\u696d\u7cfb\u7d71\u4e0a\u57f7\u884c\u4efb\u610f\u547d\u4ee4\uff0c\u50b3\u64ad\u60e1\u610f\u8edf\u9ad4\u3002<\/p>\n\n\n\n

     Velvet Ant\u65bc\u4e0a\u500b\u6708\u9996\u6b21\u88ab\u4ee5\u8272\u5217\u7db2\u8def\u5b89\u5168\u516c\u53f8\u7d00\u9304\u5728\u6848\uff0c\u8a72\u4e8b\u4ef6\u6d89\u53ca\u91dd\u5c0d\u6771\u4e9e\u4e00\u500b\u672a\u547d\u540d\u7d44\u7e54\u7684\u7db2\u8def\u653b\u64ca\uff0c\u6301\u7e8c\u7d04\u4e09\u5e74\uff0c\u900f\u904e\u4f7f\u7528\u904e\u6642\u7684F5 BIG-IP\u8a2d\u5099\u5efa\u7acb\u6301\u4e45\u6027\uff0c\u79d8\u5bc6\u7aca\u53d6\u5ba2\u6236\u548c\u8cc7\u6599\u3002<\/p>\n\n\n\n

     \u7db2\u8def\u5b89\u5168\u516c\u53f8Sygnia\u8868\u793a\u300c\u900f\u904e\u5229\u7528\u6b64\u6f0f\u6d1e\uff0cVelvet Ant \u6210\u529f\u57f7\u884c\u4e86\u4e00\u7a2e\u4ee5\u524d\u672a\u77e5\u7684\u81ea\u8a02\u60e1\u610f\u8edf\u9ad4\uff0c\u8a72\u60e1\u610f\u8edf\u9ad4\u5141\u8a31\u5a01\u8105\u7d44\u7e54\u9060\u7aef\u9023\u63a5\u5230\u53d7\u611f\u67d3\u7684Cisco Nexus\u3001\u4e0a\u50b3\u5176\u4ed6\u6587\u4ef6\u4e26\u5728\u8a2d\u5099\u4e0a\u57f7\u884c\u4ee3\u78bc\u3002\u7db2\u8def\u8a2d\u5099\uff0c\u7279\u5225\u662f\u4ea4\u63db\u6a5f\uff0c\u901a\u5e38\u4e0d\u53d7\u76e3\u63a7\uff0c\u5b83\u5011\u7684\u65e5\u8a8c\u4e5f\u7d93\u5e38\u4e0d\u6703\u8f49\u767c\u5230\u96c6\u4e2d\u5f0f\u65e5\u8a8c\u7cfb\u7d71\u3002\u300d\u201d\u7f3a\u4e4f\u76e3\u63a7\u7d66\u8b58\u5225\u548c\u8abf\u67e5\u60e1\u610f\u6d3b\u52d5\u5e36\u4f86\u4e86\u91cd\u5927\u6311\u6230\u3002\u201d<\/p>\n\n\n\n

     Cisco\u8868\u793a\uff0c\u8a72\u554f\u984c\u6e90\u65bc\u5c0d\u50b3\u905e\u7d66\u7279\u5b9a\u914d\u7f6eCLI\u547d\u4ee4\u7684\u53c3\u6578\u9a57\u8b49\u4e0d\u8db3\uff0c\u653b\u64ca\u8005\u53ef\u4ee5\u900f\u904e\u7cbe\u5fc3\u8a2d\u8a08\u7684\u8f38\u5165\u4f5c\u70ba\u53d7\u5f71\u97ff\u7684\u914d\u7f6eCLI\u547d\u4ee4\u7684\u53c3\u6578\u4f86\u5229\u7528\u9019\u4e9b\u53c3\u6578\u3002\u66f4\u91cd\u8981\u7684\u662f\uff0c\u5b83\u4f7f\u5177\u6709\u7ba1\u7406\u54e1\u6b0a\u9650\u7684\u4f7f\u7528\u8005\u80fd\u5920\u5728\u4e0d\u89f8\u767c\u7cfb\u7d71\u65e5\u8a8c\u8a0a\u606f\u7684\u60c5\u6cc1\u4e0b\u57f7\u884c\u547d\u4ee4\uff0c\u5f9e\u800c\u53ef\u4ee5\u96b1\u85cf\u88ab\u99ed\u8a2d\u5099\u4e0ashell\u547d\u4ee4\u7684\u57f7\u884c\u60c5\u6cc1\u3002<\/p>\n\n\n\n

     \u4ee5\u4e0b\u70ba\u53d7\u5230CVE-2024-20399\u5f71\u97ff\u7684Cisco\u4ea4\u63db\u6a5f\u8a2d\u5099 :<\/p>\n\n\n\n