Search criteria
10 vulnerabilities found for sf200-24p by cisco
VAR-201907-0394
Vulnerability from variot - Updated: 2024-11-23 23:01A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a user's HTTP request and modifying it into a request that causes the web interface to redirect the user to a specific malicious URL. This type of vulnerability is known as an open redirect attack and is used in phishing attacks that get users to unknowingly visit malicious sites. CiscoSmallBusiness200SeriesManagedSwitches, etc. are products of Cisco. CiscoSmallBusiness200SeriesManagedSwitches is a 200 Series Managed Switch. Security vulnerabilities exist in CiscoSmallBusiness200, 300, and 500Switches. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible. This issue is being tracked by Cisco Bug ID CSCvp23218.
Can change to different domain under the host header and redirect the request to fake website and can be used for phishing attack also can be used for domain fronting.
Normal Request
GET / HTTP/1.1 Host: 10.1.1.120 Accept-Encoding: gzip, deflate Accept: / Accept-Language: en-US,en-GB;q=0.9,en;q=0.8 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36 Connection: close Cache-Control: max-age=0
Normal Response
HTTP/1.1 302 Redirect Server: GoAhead-Webs Date: Fri Mar 07 09:40:22 2014 Connection: close Pragma: no-cache Cache-Control: no-cache Content-Type: text/html Location: https://10.21.151.120/cs703dae2c/
This document has moved to a new location. Please update your documents to reflect the new location.POC
Host Header changed to different domain (example google.com).
Request:
GET /cs703dae2c HTTP/1.1 Host: google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-GB,en;q=0.5 Accept-Encoding: gzip, deflate Connection: close Cookie: activeLangId=English; isStackableDevice=false Upgrade-Insecure-Requests: 1
Response:
HTTP/1.1 302 Redirect activeLangId=English; isStackableDevice=falseServer: GoAhead-Webs Date: Fri Mar 07 09:45:26 2014 Connection: close Pragma: no-cache Cache-Control: no-cache Content-Type: text/html Location: http://google.com/cs703dae2c/config/log_off_page.htm
This document has moved to a new location. Please update your documents to reflect the new location.The redirection is happening to http://google.com/cs703dae2c/config/log_off_page.htm. The attacker need to be in same network and should be able to modify the victims request on the wire in order to trigger this vulnerabilty.
Attack Vector:
Can be used for domain fronting.
curl -k --header "Host: attack.host.net" "domainname of the cisco device"
Vendor Response:
Issue 1: Due to the limited information given out, we are not considering it a vulnerability as such. Still, it would be better if it was not happening, so, we will treat it as a hardening enhancement.
Issue 2: The developers won't be able to provide a fix for this in the short term (90 days), so, we are planning to disclose this issue through an advisory on July 17th 2019.
We have assigned CVE CVE-2019-1943 for this issue.
Reference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-sbss-redirect
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0394",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sg200-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf500-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf300-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf300-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf302-08p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-10fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-10mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500-28mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf200-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500xg-8f8t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf300-24pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-28pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf300-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf302-08pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf500-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-20",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf200-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf200-24fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-10fp",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-18",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26fp",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50fp",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "300"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "200"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "500"
},
{
"model": "small business series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "small business series smart switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2000"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"db": "BID",
"id": "109288"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"db": "NVD",
"id": "CVE-2019-1943"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:sg200-08_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-08p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-10fp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-18_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26fp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50fp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50p_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ramikan,Ramikan of CT Pentest .",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-779"
}
],
"trust": 0.6
},
"cve": "CVE-2019-1943",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2019-1943",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CNVD-2019-23151",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-151875",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2019-1943",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.6,
"id": "CVE-2019-1943",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-1943",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-1943",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-1943",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-23151",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-779",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-151875",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"db": "VULHUB",
"id": "VHN-151875"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-779"
},
{
"db": "NVD",
"id": "CVE-2019-1943"
},
{
"db": "NVD",
"id": "CVE-2019-1943"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a user\u0027s HTTP request and modifying it into a request that causes the web interface to redirect the user to a specific malicious URL. This type of vulnerability is known as an open redirect attack and is used in phishing attacks that get users to unknowingly visit malicious sites. CiscoSmallBusiness200SeriesManagedSwitches, etc. are products of Cisco. CiscoSmallBusiness200SeriesManagedSwitches is a 200 Series Managed Switch. Security vulnerabilities exist in CiscoSmallBusiness200, 300, and 500Switches. \nAn attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible. \nThis issue is being tracked by Cisco Bug ID CSCvp23218. \n\n*************************************************************************************************************************************\n\nCan change to different domain under the host header and redirect the request to fake website and can be used for phishing attack also can be used for domain fronting. \n\nNormal Request\n\nGET / HTTP/1.1\nHost: 10.1.1.120\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: en-US,en-GB;q=0.9,en;q=0.8\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36\nConnection: close\nCache-Control: max-age=0\n\nNormal Response\n\nHTTP/1.1 302 Redirect\nServer: GoAhead-Webs\nDate: Fri Mar 07 09:40:22 2014\nConnection: close\nPragma: no-cache\nCache-Control: no-cache\nContent-Type: text/html\nLocation: https://10.21.151.120/cs703dae2c/\n\n\u003chtml\u003e\u003chead\u003e\u003c/head\u003e\u003cbody\u003e\n This document has moved to a new \u003ca href=\"https://10.1.1.120/cs703dae2c/\"\u003elocation\u003c/a\u003e. \n Please update your documents to reflect the new location. \n \u003c/body\u003e\u003c/html\u003e\n*************************************************************************************************************************************\nPOC \n*************************************************************************************************************************************\n\nHost Header changed to different domain (example google.com). \n\nRequest:\n\nGET /cs703dae2c HTTP/1.1\nHost: google.com\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nAccept-Language: en-GB,en;q=0.5\nAccept-Encoding: gzip, deflate\nConnection: close\nCookie: activeLangId=English; isStackableDevice=false\nUpgrade-Insecure-Requests: 1\n\n\nResponse:\n\nHTTP/1.1 302 Redirect\nactiveLangId=English; isStackableDevice=falseServer: GoAhead-Webs\nDate: Fri Mar 07 09:45:26 2014\nConnection: close\nPragma: no-cache\nCache-Control: no-cache\nContent-Type: text/html\nLocation: http://google.com/cs703dae2c/config/log_off_page.htm\n\n\u003chtml\u003e\u003chead\u003e\u003c/head\u003e\u003cbody\u003e\n This document has moved to a new \u003ca href=\"http://google.com/cs703dae2c/config/log_off_page.htm\"\u003elocation\u003c/a\u003e. \n Please update your documents to reflect the new location. \n \u003c/body\u003e\u003c/html\u003e\n\n\nThe redirection is happening to http://google.com/cs703dae2c/config/log_off_page.htm. The attacker need to be in same network and should be able to modify the victims request on the wire in order to trigger this vulnerabilty. \n\n*************************************************************************************************************************************\nAttack Vector:\n*************************************************************************************************************************************\nCan be used for domain fronting. \n\ncurl -k --header \"Host: attack.host.net\" \"domainname of the cisco device\"\n\n\n*************************************************************************************************************************************\nVendor Response:\n*************************************************************************************************************************************\n\nIssue 1:\nDue to the limited information given out, we are not considering it a vulnerability as such. Still, it would be better if it was not happening, so, we will treat it as a hardening enhancement. \n\nIssue 2:\nThe developers won\u0027t be able to provide a fix for this in the short term (90 days), so, we are planning to disclose this issue through an advisory on July 17th 2019. \n\nWe have assigned CVE CVE-2019-1943 for this issue. \n\nReference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-sbss-redirect\n*************************************************************************************************************************************\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-1943"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"db": "BID",
"id": "109288"
},
{
"db": "VULHUB",
"id": "VHN-151875"
},
{
"db": "PACKETSTORM",
"id": "153629"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-1943",
"trust": 3.5
},
{
"db": "BID",
"id": "109288",
"trust": 2.0
},
{
"db": "PACKETSTORM",
"id": "153629",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007074",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201907-779",
"trust": 0.7
},
{
"db": "CXSECURITY",
"id": "WLB-2019070068",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2019-23151",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "43839",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "47118",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2681",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-151875",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"db": "VULHUB",
"id": "VHN-151875"
},
{
"db": "BID",
"id": "109288"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"db": "PACKETSTORM",
"id": "153629"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-779"
},
{
"db": "NVD",
"id": "CVE-2019-1943"
}
]
},
"id": "VAR-201907-0394",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"db": "VULHUB",
"id": "VHN-151875"
}
],
"trust": 1.1270171866666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23151"
}
]
},
"last_update_date": "2024-11-23T23:01:48.354000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20190717-sbss-redirect",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-sbss-redirect"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-601",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-151875"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"db": "NVD",
"id": "CVE-2019-1943"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190717-sbss-redirect"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/109288"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1943"
},
{
"trust": 0.9,
"url": "http://www.cisco.com/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1943"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/issue/wlb-2019070068http"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/43839"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/153629/cisco-small-business-switch-information-leakage-open-redirect.html"
},
{
"trust": 0.6,
"url": "https://www.exploit-db.com/exploits/47118"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2681/"
},
{
"trust": 0.1,
"url": "http://google.com/cs703dae2c/config/log_off_page.htm\"\u003elocation\u003c/a\u003e."
},
{
"trust": 0.1,
"url": "http://google.com/cs703dae2c/config/log_off_page.htm"
},
{
"trust": 0.1,
"url": "https://www.cisco.com/c/en/us/products/switches/small-business-300-series-managed-switches/index.html"
},
{
"trust": 0.1,
"url": "https://10.1.1.120/cs703dae2c/\"\u003elocation\u003c/a\u003e."
},
{
"trust": 0.1,
"url": "http://fact-in-hack.blogspot.com"
},
{
"trust": 0.1,
"url": "http://google.com/cs703dae2c/config/log_off_page.htm."
},
{
"trust": 0.1,
"url": "https://10.21.151.120/cs703dae2c/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"db": "VULHUB",
"id": "VHN-151875"
},
{
"db": "BID",
"id": "109288"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"db": "PACKETSTORM",
"id": "153629"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-779"
},
{
"db": "NVD",
"id": "CVE-2019-1943"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"db": "VULHUB",
"id": "VHN-151875"
},
{
"db": "BID",
"id": "109288"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"db": "PACKETSTORM",
"id": "153629"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-779"
},
{
"db": "NVD",
"id": "CVE-2019-1943"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"date": "2019-07-17T00:00:00",
"db": "VULHUB",
"id": "VHN-151875"
},
{
"date": "2019-07-17T00:00:00",
"db": "BID",
"id": "109288"
},
{
"date": "2019-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"date": "2019-07-15T02:22:22",
"db": "PACKETSTORM",
"id": "153629"
},
{
"date": "2019-07-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-779"
},
{
"date": "2019-07-17T21:15:12.453000",
"db": "NVD",
"id": "CVE-2019-1943"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-151875"
},
{
"date": "2019-07-17T00:00:00",
"db": "BID",
"id": "109288"
},
{
"date": "2019-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"date": "2019-08-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-779"
},
{
"date": "2024-11-21T04:37:44.213000",
"db": "NVD",
"id": "CVE-2019-1943"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-779"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Small Business Series redirect software open redirect vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-779"
}
],
"trust": 0.6
}
}
VAR-201905-0529
Vulnerability from variot - Updated: 2024-11-23 22:58A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Small Business Sx200, Sx300, Sx500, ESW2 Series Managed Switches and Small Business Sx250, Sx350, Sx550 Series Switches could allow an authenticated, remote attacker to cause the SNMP application of an affected device to cease processing traffic, resulting in the CPU utilization reaching one hundred percent. Manual intervention may be required before a device resumes normal operations. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a malicious SNMP packet to an affected device. A successful exploit could allow the attacker to cause the device to cease forwarding traffic, which could result in a denial of service (DoS) condition. Cisco has released firmware updates that address this vulnerability. plural Cisco The product is vulnerable to resource exhaustion.Service operation interruption (DoS) There is a possibility of being put into a state. CiscoSmallBusinessSwitch is the core series switch of cisco. The vulnerability stems from a network system or product that does not properly validate the input data. This issue is being tracked by Cisco Bug IDs CSCvn49346, CSCvn93730
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0529",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "esw2-350g52dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-12f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf300-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf302-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg550x-24mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf302-08mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sx550x-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-10pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-10sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf500-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf350-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf500-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf200-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf300-48pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf250-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x24mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-50hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf250-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-24ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-20",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf250-48hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg355-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "esw2-550x48dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg200-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf250-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf302-08mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-26hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500xg8f8t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf350-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-24f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-16ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-08hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf200-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf350-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg200-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "small business esw2 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx200 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx250 series switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx300 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx350 series switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx500 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx550 series switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx200 series managed switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx300 series managed switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx500 series managed switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business esw2 series managed switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx250 series switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx350 series switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx550 series switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "sx550 switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sx500 switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sx350 switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sx300 switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sx250 switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sx200 switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "small business series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5002.4.0.94"
},
{
"model": "esw2 series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"db": "BID",
"id": "108335"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"db": "NVD",
"id": "CVE-2019-1806"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:esw2_series_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sx200_series_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sx250_series_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sx300_series_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sx350_series_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sx500_series_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sx550_series_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Patrick S. Stuckenberger of August Manser AG",
"sources": [
{
"db": "BID",
"id": "108335"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-675"
}
],
"trust": 0.9
},
"cve": "CVE-2019-1806",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2019-1806",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-14709",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.1,
"id": "CVE-2019-1806",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.1,
"id": "CVE-2019-1806",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-1806",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-1806",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-1806",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-1806",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-14709",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-675",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-675"
},
{
"db": "NVD",
"id": "CVE-2019-1806"
},
{
"db": "NVD",
"id": "CVE-2019-1806"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Small Business Sx200, Sx300, Sx500, ESW2 Series Managed Switches and Small Business Sx250, Sx350, Sx550 Series Switches could allow an authenticated, remote attacker to cause the SNMP application of an affected device to cease processing traffic, resulting in the CPU utilization reaching one hundred percent. Manual intervention may be required before a device resumes normal operations. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a malicious SNMP packet to an affected device. A successful exploit could allow the attacker to cause the device to cease forwarding traffic, which could result in a denial of service (DoS) condition. Cisco has released firmware updates that address this vulnerability. plural Cisco The product is vulnerable to resource exhaustion.Service operation interruption (DoS) There is a possibility of being put into a state. CiscoSmallBusinessSwitch is the core series switch of cisco. The vulnerability stems from a network system or product that does not properly validate the input data. \nThis issue is being tracked by Cisco Bug IDs CSCvn49346, CSCvn93730",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-1806"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"db": "BID",
"id": "108335"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-1806",
"trust": 3.3
},
{
"db": "BID",
"id": "108335",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004726",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-14709",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.1752",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201905-675",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"db": "BID",
"id": "108335"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-675"
},
{
"db": "NVD",
"id": "CVE-2019-1806"
}
]
},
"id": "VAR-201905-0529",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-14709"
}
],
"trust": 1.2853298625
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-14709"
}
]
},
"last_update_date": "2024-11-23T22:58:40.702000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20190515-sb-snmpdos",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-sb-snmpdos"
},
{
"title": "Patches for multiple Cisco product input verification error vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/161529"
},
{
"title": "Multiple Cisco Product input verification error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92799"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-675"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-770",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 1.0
},
{
"problemtype": "CWE-400",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"db": "NVD",
"id": "CVE-2019-1806"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/108335"
},
{
"trust": 1.9,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-sb-snmpdos"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1806"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1806"
},
{
"trust": 0.6,
"url": "https://web.nvd.nist.gov//vuln/detail/cve-2019-1806"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/81090"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"db": "BID",
"id": "108335"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-675"
},
{
"db": "NVD",
"id": "CVE-2019-1806"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"db": "BID",
"id": "108335"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-675"
},
{
"db": "NVD",
"id": "CVE-2019-1806"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"date": "2019-05-15T00:00:00",
"db": "BID",
"id": "108335"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"date": "2019-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-675"
},
{
"date": "2019-05-15T22:29:00.247000",
"db": "NVD",
"id": "CVE-2019-1806"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"date": "2019-05-15T00:00:00",
"db": "BID",
"id": "108335"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"date": "2019-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-675"
},
{
"date": "2024-11-21T04:37:25.137000",
"db": "NVD",
"id": "CVE-2019-1806"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-675"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Product depletion vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-675"
}
],
"trust": 0.6
}
}
VAR-201811-0177
Vulnerability from variot - Updated: 2024-11-23 22:48A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a privileged user account without notifying administrators of the system. An attacker could exploit this vulnerability by using this account to log in to an affected device and execute commands with full admin rights. Cisco has not released software updates that address this vulnerability. This advisory will be updated with fixed software information once fixed software becomes available. There is a workaround to address this vulnerability. CiscoSmallBusiness200SeriesSmartSwitches are small smart switch devices from Cisco. SmallBusinessSwitchesSoftware is a set of switch software that runs on it. This issue is being tracked by Cisco bugs CSCvk20713 and CSCvm11846
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0177",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sg250-50hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-2f10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-10fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-24t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-20",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500xg-8f8t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-48hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg355-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sx550x-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sx550x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sx550x-24ft",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-48t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-08hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sx550x-12f",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sx550x-16ft",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-24f",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sx550x-24f",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "series managed switches",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3500"
},
{
"model": "small business switches",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "550x"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "300"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "350x"
},
{
"model": "series smart switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "250"
},
{
"model": "small business series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "500"
},
{
"model": "small business series smart switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "200"
},
{
"model": "small business switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business series stackable managed switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "small business series smart switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2000"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "550x0"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "350x0"
},
{
"model": "series smart switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2500"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"db": "BID",
"id": "105873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
},
{
"db": "NVD",
"id": "CVE-2018-15439"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:small_business_switches",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
}
],
"trust": 0.6
},
"cve": "CVE-2018-15439",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-15439",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2019-00343",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-125698",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-15439",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-15439",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-15439",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-15439",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2018-15439",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-15439",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-00343",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-180",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-125698",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-15439",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"db": "VULHUB",
"id": "VHN-125698"
},
{
"db": "VULMON",
"id": "CVE-2018-15439"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
},
{
"db": "NVD",
"id": "CVE-2018-15439"
},
{
"db": "NVD",
"id": "CVE-2018-15439"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a privileged user account without notifying administrators of the system. An attacker could exploit this vulnerability by using this account to log in to an affected device and execute commands with full admin rights. Cisco has not released software updates that address this vulnerability. This advisory will be updated with fixed software information once fixed software becomes available. There is a workaround to address this vulnerability. CiscoSmallBusiness200SeriesSmartSwitches are small smart switch devices from Cisco. SmallBusinessSwitchesSoftware is a set of switch software that runs on it. \nThis issue is being tracked by Cisco bugs CSCvk20713 and CSCvm11846",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-15439"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"db": "BID",
"id": "105873"
},
{
"db": "VULHUB",
"id": "VHN-125698"
},
{
"db": "VULMON",
"id": "CVE-2018-15439"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-15439",
"trust": 3.5
},
{
"db": "BID",
"id": "105873",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-180",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-00343",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-125698",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-15439",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"db": "VULHUB",
"id": "VHN-125698"
},
{
"db": "VULMON",
"id": "CVE-2018-15439"
},
{
"db": "BID",
"id": "105873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
},
{
"db": "NVD",
"id": "CVE-2018-15439"
}
]
},
"id": "VAR-201811-0177",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"db": "VULHUB",
"id": "VHN-125698"
}
],
"trust": 1.2202628899999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00343"
}
]
},
"last_update_date": "2024-11-23T22:48:32.513000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20181107-sbsw-privacc",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-sbsw-privacc"
},
{
"title": "CiscoSmallBusinessSwitches authentication bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/149219"
},
{
"title": "Cisco Small Business Switches Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86652"
},
{
"title": "Cisco: Cisco Small Business Switches Privileged Access Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20181107-sbsw-privacc"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/critical-unpatched-cisco-flaw/141010/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-accidentally-released-dirty-cow-exploit-code-in-software/138888/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"db": "VULMON",
"id": "CVE-2018-15439"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-125698"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"db": "NVD",
"id": "CVE-2018-15439"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181107-sbsw-privacc"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/105873"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15439"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-15439"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/critical-unpatched-cisco-flaw/141010/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"db": "VULHUB",
"id": "VHN-125698"
},
{
"db": "VULMON",
"id": "CVE-2018-15439"
},
{
"db": "BID",
"id": "105873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
},
{
"db": "NVD",
"id": "CVE-2018-15439"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"db": "VULHUB",
"id": "VHN-125698"
},
{
"db": "VULMON",
"id": "CVE-2018-15439"
},
{
"db": "BID",
"id": "105873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
},
{
"db": "NVD",
"id": "CVE-2018-15439"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"date": "2018-11-08T00:00:00",
"db": "VULHUB",
"id": "VHN-125698"
},
{
"date": "2018-11-08T00:00:00",
"db": "VULMON",
"id": "CVE-2018-15439"
},
{
"date": "2018-11-07T00:00:00",
"db": "BID",
"id": "105873"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-180"
},
{
"date": "2018-11-08T17:29:00.607000",
"db": "NVD",
"id": "CVE-2018-15439"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"date": "2020-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-125698"
},
{
"date": "2020-08-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-15439"
},
{
"date": "2018-11-07T00:00:00",
"db": "BID",
"id": "105873"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"date": "2020-10-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-180"
},
{
"date": "2024-11-21T03:50:48.200000",
"db": "NVD",
"id": "CVE-2018-15439"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Small Business Switches Vulnerability in the use of hard-coded credentials in software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
}
],
"trust": 0.6
}
}
VAR-201907-0237
Vulnerability from variot - Updated: 2024-11-23 22:48A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this vulnerability by sending a malicious request to the web interface of an affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. This issue is being tracked by Cisco Bug IDs CSCvp43403, and CSCvp43417
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0237",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "esw2-350g52dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "esw2-550x48dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500xg8f8t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-48pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x24mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-20",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-18",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.9.0"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.2.04"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.7"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.9.0"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.2.04"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.0.88"
},
{
"model": "small business series managed switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.8.06"
},
{
"model": "small business series managed switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.2.7.76"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2001.4.2.04"
},
{
"model": "small business series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.10.6"
},
{
"model": "small business series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.10.6"
},
{
"model": "small business series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2001.4.10.6"
}
],
"sources": [
{
"db": "BID",
"id": "109039"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"db": "NVD",
"id": "CVE-2019-1891"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:sf200-24_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sf200-24p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sf200-48_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sf200-48p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-18_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg300-10_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "109039"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-235"
}
],
"trust": 0.9
},
"cve": "CVE-2019-1891",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-1891",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-1891",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-1891",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-1891",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-1891",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-235",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-235"
},
{
"db": "NVD",
"id": "CVE-2019-1891"
},
{
"db": "NVD",
"id": "CVE-2019-1891"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this vulnerability by sending a malicious request to the web interface of an affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. \nThis issue is being tracked by Cisco Bug IDs CSCvp43403, and CSCvp43417",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-1891"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"db": "BID",
"id": "109039"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-1891",
"trust": 2.7
},
{
"db": "BID",
"id": "109039",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006440",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.2440",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201907-235",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "109039"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-235"
},
{
"db": "NVD",
"id": "CVE-2019-1891"
}
]
},
"id": "VAR-201907-0237",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.33338292999999997
},
"last_update_date": "2024-11-23T22:48:22.054000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20190703-sbss-dos",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-sbss-dos"
},
{
"title": "Cisco\u00a0Small Business 200 , 300 and 500 Series Managed Switches Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94424"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-235"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"db": "NVD",
"id": "CVE-2019-1891"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190703-sbss-dos"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1891"
},
{
"trust": 0.9,
"url": "http://www.cisco.com/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1891"
},
{
"trust": 0.6,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190703-sbss-memcorrupt"
},
{
"trust": 0.6,
"url": "https://www.securityfocus.com/bid/109039"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2440/"
}
],
"sources": [
{
"db": "BID",
"id": "109039"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-235"
},
{
"db": "NVD",
"id": "CVE-2019-1891"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "109039"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-235"
},
{
"db": "NVD",
"id": "CVE-2019-1891"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-03T00:00:00",
"db": "BID",
"id": "109039"
},
{
"date": "2019-07-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"date": "2019-07-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-235"
},
{
"date": "2019-07-06T02:15:11.183000",
"db": "NVD",
"id": "CVE-2019-1891"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-03T00:00:00",
"db": "BID",
"id": "109039"
},
{
"date": "2019-07-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"date": "2019-07-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-235"
},
{
"date": "2024-11-21T04:37:37.573000",
"db": "NVD",
"id": "CVE-2019-1891"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-235"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Small Business Series Managed Switch Vulnerability related to input validation in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-235"
}
],
"trust": 0.6
}
}
VAR-201907-0231
Vulnerability from variot - Updated: 2024-11-23 22:48A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a memory corruption on an affected device. The vulnerability is due to improper validation of HTTPS packets. An attacker could exploit this vulnerability by sending a malformed HTTPS packet to the management web interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a denial of service (DoS) condition. Cisco Small Business 200 , 300 , 500 Series Managed Switch Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. are all products of Cisco. This issue is being tracked by Cisco Bug ID CSCvp43390
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0231",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "esw2-350g52dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "esw2-550x48dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500xg8f8t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-48pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x24mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-20",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-18",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business series",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "200\u003c1.4.10.6"
},
{
"model": "small business series",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "300\u003c1.4.10.6"
},
{
"model": "small business series",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "500\u003c1.4.10.6"
},
{
"model": "small business series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.9.0"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.2.04"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.7"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.9.0"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.2.04"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.0.88"
},
{
"model": "small business series managed switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.8.06"
},
{
"model": "small business series managed switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.2.7.76"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2001.4.9.04"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2001.4.2.04"
},
{
"model": "small business series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.10.6"
},
{
"model": "small business series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.10.6"
},
{
"model": "small business series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2001.4.10.6"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"db": "BID",
"id": "109042"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"db": "NVD",
"id": "CVE-2019-1892"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:sf200-24_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sf200-24p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sf200-48_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sf200-48p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-18_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg300-10_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco.",
"sources": [
{
"db": "BID",
"id": "109042"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-236"
}
],
"trust": 0.9
},
"cve": "CVE-2019-1892",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-1892",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-22321",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-1892",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-1892",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-1892",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-1892",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-22321",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-236",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-236"
},
{
"db": "NVD",
"id": "CVE-2019-1892"
},
{
"db": "NVD",
"id": "CVE-2019-1892"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a memory corruption on an affected device. The vulnerability is due to improper validation of HTTPS packets. An attacker could exploit this vulnerability by sending a malformed HTTPS packet to the management web interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a denial of service (DoS) condition. Cisco Small Business 200 , 300 , 500 Series Managed Switch Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. are all products of Cisco. \nThis issue is being tracked by Cisco Bug ID CSCvp43390",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-1892"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"db": "BID",
"id": "109042"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-1892",
"trust": 3.3
},
{
"db": "BID",
"id": "109042",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006441",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-22321",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2440",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201907-236",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"db": "BID",
"id": "109042"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-236"
},
{
"db": "NVD",
"id": "CVE-2019-1892"
}
]
},
"id": "VAR-201907-0231",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22321"
}
],
"trust": 1.0514219533333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22321"
}
]
},
"last_update_date": "2024-11-23T22:48:22.019000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20190703-sbss-memcorrupt",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-sbss-memcorrupt"
},
{
"title": "Patch for Cisco Small Business 200, 300, and 500 Series Managed Switches buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/213517"
},
{
"title": "Cisco\u00a0Small Business 200 , 300 and 500 Series Managed Switches Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94425"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-236"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"db": "NVD",
"id": "CVE-2019-1892"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1892"
},
{
"trust": 1.9,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190703-sbss-memcorrupt"
},
{
"trust": 0.9,
"url": "http://www.cisco.com/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1892"
},
{
"trust": 0.6,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190703-sbss-dos"
},
{
"trust": 0.6,
"url": "https://www.securityfocus.com/bid/109042"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2440/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"db": "BID",
"id": "109042"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-236"
},
{
"db": "NVD",
"id": "CVE-2019-1892"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"db": "BID",
"id": "109042"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-236"
},
{
"db": "NVD",
"id": "CVE-2019-1892"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"date": "2019-07-03T00:00:00",
"db": "BID",
"id": "109042"
},
{
"date": "2019-07-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"date": "2019-07-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-236"
},
{
"date": "2019-07-06T02:15:11.293000",
"db": "NVD",
"id": "CVE-2019-1892"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"date": "2019-07-03T00:00:00",
"db": "BID",
"id": "109042"
},
{
"date": "2019-07-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"date": "2019-07-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-236"
},
{
"date": "2024-11-21T04:37:37.757000",
"db": "NVD",
"id": "CVE-2019-1892"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-236"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Small Business Series Managed Switch Product buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-236"
}
],
"trust": 0.6
}
}
VAR-201905-0600
Vulnerability from variot - Updated: 2024-11-23 22:33A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication. The vulnerability exists because OpenSSH mishandles the authentication process. An attacker could exploit this vulnerability by attempting to connect to the device via SSH. A successful exploit could allow the attacker to access the configuration as an administrative user if the default credentials are not changed. There are no workarounds available; however, if client-side certificate authentication is enabled, disable it and use strong password authentication. Client-side certificate authentication is disabled by default. Cisco Small Business Switches There is an authorization vulnerability in the software.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. An attacker can exploit this issue to bypass the authentication mechanism and gain unauthorized access. This may lead to further attacks. This issue is being tracked by Cisco bugs CSCvo28588, CSCvp35704
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0600",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sx550x-12f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf300-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-50fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-26fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350xg-24t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf302-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg550x-24mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350xg-24f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf200-24fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf302-08mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sx550x-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-10pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-10sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf500-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf350-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf500-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf200-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf300-48pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350xg-2f10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf250-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-50hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350xg-48t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf302-08pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-10fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500xg-8f8t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf250-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-24ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg200-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-20",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf250-48hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg355-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg200-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf250-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf302-08mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-26hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf350-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-24f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-16ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-08hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf200-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf350-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg200-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg200-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "200 series smart switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "250 series smart switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "350 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "350x series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "500 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business 300 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5002.4.0.92"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.2.04"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.2.04"
},
{
"model": "small business series smart switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2001.4.2.04"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "550x2.4.5.71"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "550x2.3.0.130"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "550x2.2.5.68"
},
{
"model": "series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "350x2.4.5.71"
},
{
"model": "series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3502.4.5.71"
},
{
"model": "series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3502.3.0.130"
},
{
"model": "series smart switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2502.4.5.71"
},
{
"model": "small business series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.10.6"
},
{
"model": "small business series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.10.6"
},
{
"model": "small business series smart switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2001.4.10.6"
},
{
"model": "series stackable managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "550x2.5.0.78"
},
{
"model": "series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "350x2.5.0.78"
},
{
"model": "series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3502.5.0.78"
},
{
"model": "series smart switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2502.5.0.78"
}
],
"sources": [
{
"db": "BID",
"id": "108140"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"db": "NVD",
"id": "CVE-2019-1859"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:200_series_smart_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:250_series_smart_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_350_series_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:350x_series_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:500_series_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_300_series_managed_switches_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Katie Sexton and Jimi Sebree of Tenable Research.,Katie Sexton and Jimi Sebree of Tenable Research for reporting these vulnerabilities.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-054"
}
],
"trust": 0.6
},
"cve": "CVE-2019-1859",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2019-1859",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2019-1859",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2019-1859",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-1859",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-1859",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-1859",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-054",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-1859",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-1859"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-054"
},
{
"db": "NVD",
"id": "CVE-2019-1859"
},
{
"db": "NVD",
"id": "CVE-2019-1859"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication. The vulnerability exists because OpenSSH mishandles the authentication process. An attacker could exploit this vulnerability by attempting to connect to the device via SSH. A successful exploit could allow the attacker to access the configuration as an administrative user if the default credentials are not changed. There are no workarounds available; however, if client-side certificate authentication is enabled, disable it and use strong password authentication. Client-side certificate authentication is disabled by default. Cisco Small Business Switches There is an authorization vulnerability in the software.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. \nAn attacker can exploit this issue to bypass the authentication mechanism and gain unauthorized access. This may lead to further attacks. \nThis issue is being tracked by Cisco bugs CSCvo28588, CSCvp35704",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-1859"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"db": "BID",
"id": "108140"
},
{
"db": "VULMON",
"id": "CVE-2019-1859"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-1859",
"trust": 2.8
},
{
"db": "BID",
"id": "108140",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004454",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.1536",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201905-054",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-1859",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-1859"
},
{
"db": "BID",
"id": "108140"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-054"
},
{
"db": "NVD",
"id": "CVE-2019-1859"
}
]
},
"id": "VAR-201905-0600",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4270171866666667
},
"last_update_date": "2024-11-23T22:33:55.680000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20190501-scbv",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-scbv"
},
{
"title": "Multiple Cisco Product Authorization Issue Vulnerability Fixing Measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92197"
},
{
"title": "Cisco: Cisco Small Business Switches Secure Shell Certificate Authentication Bypass Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20190501-scbv"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-critical-nexus-9000-flaw/144290/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-1859"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-054"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-285",
"trust": 1.8
},
{
"problemtype": "CWE-295",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"db": "NVD",
"id": "CVE-2019-1859"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-scbv"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1859"
},
{
"trust": 0.9,
"url": "http://www.cisco.com/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1859"
},
{
"trust": 0.7,
"url": "https://www.securityfocus.com/bid/108140"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/80182"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/295.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/cisco-critical-nexus-9000-flaw/144290/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-1859"
},
{
"db": "BID",
"id": "108140"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-054"
},
{
"db": "NVD",
"id": "CVE-2019-1859"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2019-1859"
},
{
"db": "BID",
"id": "108140"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-054"
},
{
"db": "NVD",
"id": "CVE-2019-1859"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-03T00:00:00",
"db": "VULMON",
"id": "CVE-2019-1859"
},
{
"date": "2019-05-01T00:00:00",
"db": "BID",
"id": "108140"
},
{
"date": "2019-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"date": "2019-05-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-054"
},
{
"date": "2019-05-03T17:29:01.500000",
"db": "NVD",
"id": "CVE-2019-1859"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-13T00:00:00",
"db": "VULMON",
"id": "CVE-2019-1859"
},
{
"date": "2019-05-01T00:00:00",
"db": "BID",
"id": "108140"
},
{
"date": "2019-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"date": "2020-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-054"
},
{
"date": "2024-11-21T04:37:32.957000",
"db": "NVD",
"id": "CVE-2019-1859"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-054"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Small Business Switches Authorization vulnerabilities in software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-054"
}
],
"trust": 0.6
}
}
VAR-201910-0374
Vulnerability from variot - Updated: 2024-11-23 22:29A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the targeted user. If the user has administrative privileges, the attacker could alter the configuration, execute commands, or cause a denial of service (DoS) condition on an affected device. Cisco 250 Series Smart Switches, etc. are products of the United States Cisco (Cisco). The Cisco 250 Series Smart Switches is a 250 series smart switch. The Cisco 350 Series Managed Switches is a 350 series managed switch. 550X Series Stackable Managed Switches is a 550X Series managed switch. The vulnerability stems from the program's failure to provide adequate cross-site request forgery protection
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201910-0374",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sf250x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg300-10sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf200e-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf500-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf500-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf200-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-26hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg350-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg500x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf200-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf300-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf300-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg500-28mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg550x-24mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg300-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg300-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg200-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg355-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf250-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg500x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg200-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg300-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf200-24fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11"
},
{
"model": "sf250x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf200e-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg200-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg200-10fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf302-08pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg500xg-8f8t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sx550x-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg350-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf350-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg300-20",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf250-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf250x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg500-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf300-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf300-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf500-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg350-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg200-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg200-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg300-10pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sx550x-24ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf302-08mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf500-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg500x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf300-24pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg300-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg300-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg500-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf300-48pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-50hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf250-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sx550x-12f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg300-28pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-48hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf300-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg500-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg500-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf200e48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf250-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf250-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf200-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg300-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg200-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg200-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-08hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg500x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf350-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg300-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sx550x-24f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf302-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sx550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf200e-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg350-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf300-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg200-50fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg200-26fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf200-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11"
},
{
"model": "sx550x-16ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf302-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg300-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg500-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg300-10mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf350-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf302-08mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg350-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg300-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg350-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "250 series smart switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "350 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "550x series stackable managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "series smart switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "250"
},
{
"model": "series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "350"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "550x"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39610"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"db": "NVD",
"id": "CVE-2019-12636"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:250_series_smart_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_350_series_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_550x_series_stackable_managed_switches_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marcin Mol of Securitum, Poland .",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201910-1107"
}
],
"trust": 0.6
},
"cve": "CVE-2019-12636",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2019-12636",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2019-39610",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-12636",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2019-12636",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-12636",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-12636",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-12636",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-12636",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-39610",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201910-1107",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39610"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1107"
},
{
"db": "NVD",
"id": "CVE-2019-12636"
},
{
"db": "NVD",
"id": "CVE-2019-12636"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the targeted user. If the user has administrative privileges, the attacker could alter the configuration, execute commands, or cause a denial of service (DoS) condition on an affected device. Cisco 250 Series Smart Switches, etc. are products of the United States Cisco (Cisco). The Cisco 250 Series Smart Switches is a 250 series smart switch. The Cisco 350 Series Managed Switches is a 350 series managed switch. 550X Series Stackable Managed Switches is a 550X Series managed switch. The vulnerability stems from the program\u0027s failure to provide adequate cross-site request forgery protection",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-12636"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"db": "CNVD",
"id": "CNVD-2019-39610"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-12636",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011149",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-39610",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3882",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3882.2",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1107",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39610"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1107"
},
{
"db": "NVD",
"id": "CVE-2019-12636"
}
]
},
"id": "VAR-201910-0374",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39610"
}
],
"trust": 0.9159721999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39610"
}
]
},
"last_update_date": "2024-11-23T22:29:52.351000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20191016-sbss-csrfCVE-2019-12636",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-sbss-csrf"
},
{
"title": "Patch for Cisco 250 Series Smart Switches, 350 Series Managed Switches, and 550X Series Stackable Managed Switches Cross-Site Request Forgery Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/189157"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39610"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"db": "NVD",
"id": "CVE-2019-12636"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191016-sbss-csrf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12636"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12636"
},
{
"trust": 0.6,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191016-sbss-xss"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3882/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3882.2/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39610"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1107"
},
{
"db": "NVD",
"id": "CVE-2019-12636"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-39610"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1107"
},
{
"db": "NVD",
"id": "CVE-2019-12636"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-39610"
},
{
"date": "2019-10-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"date": "2019-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201910-1107"
},
{
"date": "2019-10-16T19:15:10.987000",
"db": "NVD",
"id": "CVE-2019-12636"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-39610"
},
{
"date": "2019-10-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"date": "2020-09-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201910-1107"
},
{
"date": "2024-11-21T04:23:14.233000",
"db": "NVD",
"id": "CVE-2019-12636"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201910-1107"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Small Business Smart and Managed Switch Vulnerable to cross-site request forgery",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201910-1107"
}
],
"trust": 0.6
}
}
VAR-202008-0830
Vulnerability from variot - Updated: 2024-11-23 22:25A vulnerability in the IPv6 packet processing engine of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the switch management CLI to stop responding, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202008-0830",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sg200-26fp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf350-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-10p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-26p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf300-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-28mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500-52mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-26hp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-50p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf200-24fp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-10mpp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350-10p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350x-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf500-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf350-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg550x-48mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf302-08mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350xg-2f10",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sx550x-24f",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sx550x-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf550x-48mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-28p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-50p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-10mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-10sfp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf500-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-50hp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf500-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350x-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf200-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf550x-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250x-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500x-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf250-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350x-24mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf200-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg550x-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf300-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf350-48mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf300-24pp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500-28",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500-28p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg550x-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-52",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500-52p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf300-48pp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-52mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500x-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-50",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-18",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-10fp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg355-10p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sx550x-12f",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250x-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg550x-24mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350-10mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-50",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf200-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350xg-24t",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-08",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500-52",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350xg-24f",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg550x-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-18",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf300-08",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-10p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250x-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-50fp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf550x-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf302-08",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-10pp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350-28",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-26",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sx550x-16ft",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-26p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf550x-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf500-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf302-08mpp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-08hp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sx550x-24ft",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500x-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-52p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350-28mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350x-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf550x-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf200-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf250-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350-10",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-28pp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350xg-48t",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg550x-24mpp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350x-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf300-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf300-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500-28mpp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-28",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-26",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250x-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-08",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-08p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-20",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-10",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500x-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf302-08pp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500xg-8f8t",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf250-48hp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf302-08p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf550x-24mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg550x-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350x-48mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sx550x-52",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf250-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350-28p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf300-24mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-08",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-10fp",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-18",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26fp",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50fp",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business smart and managed switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-48989"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"db": "NVD",
"id": "CVE-2020-3496"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:sg200-08_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-08p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-10fp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-18_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26fp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50fp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50p_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
}
]
},
"cve": "CVE-2020-3496",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-3496",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-010444",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-48989",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-3496",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-3496",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-010444",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-3496",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2020-3496",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-010444",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-48989",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202008-979",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-48989"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-979"
},
{
"db": "NVD",
"id": "CVE-2020-3496"
},
{
"db": "NVD",
"id": "CVE-2020-3496"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the IPv6 packet processing engine of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the switch management CLI to stop responding, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-3496"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"db": "CNVD",
"id": "CNVD-2020-48989"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-3496",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010444",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-48989",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2859",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "48759",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202008-979",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-48989"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-979"
},
{
"db": "NVD",
"id": "CVE-2020-3496"
}
]
},
"id": "VAR-202008-0830",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-48989"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-48989"
}
]
},
"last_update_date": "2024-11-23T22:25:23.409000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-sbss-ipv6-dos-tsgqbffW",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbss-ipv6-dos-tsgqbffW"
},
{
"title": "Patch for Cisco Small Business Smart and Managed Switches Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/232054"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-48989"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"db": "NVD",
"id": "CVE-2020-3496"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sbss-ipv6-dos-tsgqbffw"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3496"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3496"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/48759"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2859/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-48989"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-979"
},
{
"db": "NVD",
"id": "CVE-2020-3496"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-48989"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-979"
},
{
"db": "NVD",
"id": "CVE-2020-3496"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-48989"
},
{
"date": "2021-01-18T07:48:14",
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"date": "2020-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202008-979"
},
{
"date": "2020-08-26T17:15:14.210000",
"db": "NVD",
"id": "CVE-2020-3496"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-48989"
},
{
"date": "2021-01-18T07:48:14",
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202008-979"
},
{
"date": "2024-11-21T05:31:11.363000",
"db": "NVD",
"id": "CVE-2020-3496"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202008-979"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Small Business Smart and Managed Switch Input verification vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202008-979"
}
],
"trust": 0.6
}
}
VAR-202305-1746
Vulnerability from variot - Updated: 2024-08-14 13:20Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. Business 250-16p-2g firmware, Business 250-16t-2g firmware, Business 250-24fp-4g Classic buffer overflow vulnerabilities exist in multiple Cisco Systems products, including firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Cisco Small Business is a switch of Cisco (Cisco)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202305-1746",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "business 350-48p-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-48t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-10fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24t-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48p-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24s-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-20",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24pd",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8fp-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24t-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf352-08mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48ngp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48t-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-50hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24fp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48p-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8t-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24t-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg355-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8p-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500xg-8f8t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16t-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24xt",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48fp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8t-d",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48t-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24pv",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-52pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24fp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-16t-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48pp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-28sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24pp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf352-08p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8t-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-2f10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24mgp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16p-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-12pmv",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8fp-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24p-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-12np-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48p-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48pv",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-8pmd",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-12xs",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-24t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48xt-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-10sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-48hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8s-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-08hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-48hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x24mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-24mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8mgp-2x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48t-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-20",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24fp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-24f",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-18p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8xt",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16p-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8pp-d",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24xs",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-8mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550xg-8f8t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16xts",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48fp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf355-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8pp-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550xg-48t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24p-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-08hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16fp-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16t-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24xts",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24t-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf352-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg355-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-16p-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-26hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550xg-24t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500xg8f8t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24p-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48t-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-50hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-8pd",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-12xt",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8fp-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24ngp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24fp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8p-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8mp-2x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24p-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8p-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550xg-24f",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24p-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8fp-e-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-16p-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8p-e-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48pp-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24fp-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8pp-d",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24pp-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24t-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-16t-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48p-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8t-e-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24fp-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48t-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24p-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24t-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48t-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8t-d",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48p-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8pp-e-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "series smart switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "250\u003c=2.5.9.15"
},
{
"model": "series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "350\u003c=2.5.9.15"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "350x\u003c=2.5.9.15"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "550x\u003c=2.5.9.15"
},
{
"model": "business series smart switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "250\u003c=3.3.0.15"
},
{
"model": "business series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "350\u003c=3.3.0.15"
},
{
"model": "small business series smart switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "200\u003c=2.5.9.15"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "300\u003c=2.5.9.15"
},
{
"model": "small business series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "500\u003c=2.5.9.15"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"db": "NVD",
"id": "CVE-2023-20161"
}
]
},
"cve": "CVE-2023-20161",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2023-40906",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2023-20161",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2023-20161",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-20161",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-20161",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2023-20161",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-20161",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2023-40906",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202305-1733",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1733"
},
{
"db": "NVD",
"id": "CVE-2023-20161"
},
{
"db": "NVD",
"id": "CVE-2023-20161"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. Business 250-16p-2g firmware, Business 250-16t-2g firmware, Business 250-24fp-4g Classic buffer overflow vulnerabilities exist in multiple Cisco Systems products, including firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Cisco Small Business is a switch of Cisco (Cisco)",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-20161"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"db": "VULMON",
"id": "CVE-2023-20161"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-20161",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011167",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-40906",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.2892",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1733",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-20161",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"db": "VULMON",
"id": "CVE-2023-20161"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1733"
},
{
"db": "NVD",
"id": "CVE-2023-20161"
}
]
},
"id": "VAR-202305-1746",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-40906"
}
],
"trust": 1.0270171866666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-40906"
}
]
},
"last_update_date": "2024-08-14T13:20:44.036000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-sg-web-multi-S9g4Nkgv",
"trust": 0.8,
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg-web-multi-S9g4Nkgv"
},
{
"title": "Patch for Cisco Small Business Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/429251"
},
{
"title": "Cisco Small Business Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=239229"
},
{
"title": "Cisco: Cisco Small Business Series Switches Buffer Overflow Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-sg-web-multi-S9g4Nkgv"
},
{
"title": null,
"trust": 0.1,
"url": "https://www.theregister.co.uk/2023/05/18/cisco_patches_small_biz_switches/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"db": "VULMON",
"id": "CVE-2023-20161"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1733"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"db": "NVD",
"id": "CVE-2023-20161"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sg-web-multi-s9g4nkgv"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20161"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-20161/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.2892"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.theregister.co.uk/2023/05/18/cisco_patches_small_biz_switches/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"db": "VULMON",
"id": "CVE-2023-20161"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1733"
},
{
"db": "NVD",
"id": "CVE-2023-20161"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"db": "VULMON",
"id": "CVE-2023-20161"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1733"
},
{
"db": "NVD",
"id": "CVE-2023-20161"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"date": "2023-05-18T00:00:00",
"db": "VULMON",
"id": "CVE-2023-20161"
},
{
"date": "2023-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"date": "2023-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202305-1733"
},
{
"date": "2023-05-18T03:15:10.337000",
"db": "NVD",
"id": "CVE-2023-20161"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"date": "2023-05-18T00:00:00",
"db": "VULMON",
"id": "CVE-2023-20161"
},
{
"date": "2023-12-12T07:25:00",
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"date": "2023-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202305-1733"
},
{
"date": "2023-11-07T04:06:19.453000",
"db": "NVD",
"id": "CVE-2023-20161"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202305-1733"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic Buffer Overflow Vulnerability in Multiple Cisco Systems Products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202305-1733"
}
],
"trust": 0.6
}
}
VAR-202305-1743
Vulnerability from variot - Updated: 2024-08-14 13:20Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. Business 250-16p-2g firmware, Business 250-16t-2g firmware, Business 250-24fp-4g Classic buffer overflow vulnerabilities exist in multiple Cisco Systems products, including firmware.Service operation interruption (DoS) It may be in a state. Cisco Small Business Series Switches are switch products of the American company Cisco.
Cisco Small Business Series Switches have a heap buffer overflow vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202305-1743",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "business 350-48p-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-48t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-10fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24t-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48p-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24s-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-20",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24pd",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8fp-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24t-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf352-08mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48ngp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48t-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-50hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24fp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48p-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8t-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24t-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg355-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8p-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500xg-8f8t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16t-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24xt",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48fp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8t-d",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48t-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24pv",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-52pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24fp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-16t-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48pp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-28sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24pp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf352-08p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8t-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-2f10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24mgp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16p-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-12pmv",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8fp-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24p-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-12np-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48p-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48pv",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-8pmd",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-12xs",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-24t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48xt-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-10sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-48hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8s-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-08hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-48hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x24mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-24mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8mgp-2x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48t-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-20",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24fp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-24f",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-18p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8xt",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16p-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8pp-d",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24xs",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-8mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550xg-8f8t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16xts",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48fp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf355-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8pp-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550xg-48t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24p-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-08hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16fp-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16t-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24xts",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24t-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf352-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg355-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-16p-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-26hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550xg-24t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500xg8f8t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24p-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48t-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-50hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-8pd",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-12xt",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8fp-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24ngp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24fp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8p-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8mp-2x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24p-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8p-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550xg-24f",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24p-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8fp-e-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-16p-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8p-e-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48pp-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24fp-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8pp-d",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24pp-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24t-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-16t-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48p-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8t-e-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24fp-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48t-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24p-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24t-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48t-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8t-d",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48p-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8pp-e-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "small business series switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"db": "NVD",
"id": "CVE-2023-20024"
}
]
},
"cve": "CVE-2023-20024",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2023-85954",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2023-20024",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2023-20024",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2023-20024",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-20024",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2023-20024",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-20024",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2023-85954",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202305-1727",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1727"
},
{
"db": "NVD",
"id": "CVE-2023-20024"
},
{
"db": "NVD",
"id": "CVE-2023-20024"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. Business 250-16p-2g firmware, Business 250-16t-2g firmware, Business 250-24fp-4g Classic buffer overflow vulnerabilities exist in multiple Cisco Systems products, including firmware.Service operation interruption (DoS) It may be in a state. Cisco Small Business Series Switches are switch products of the American company Cisco. \n\r\n\r\nCisco Small Business Series Switches have a heap buffer overflow vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-20024"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"db": "VULMON",
"id": "CVE-2023-20024"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-20024",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011047",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-85954",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.2892",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1727",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-20024",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"db": "VULMON",
"id": "CVE-2023-20024"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1727"
},
{
"db": "NVD",
"id": "CVE-2023-20024"
}
]
},
"id": "VAR-202305-1743",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-85954"
}
],
"trust": 1.4
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-85954"
}
]
},
"last_update_date": "2024-08-14T13:20:43.965000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-sg-web-multi-S9g4Nkgv",
"trust": 0.8,
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg-web-multi-S9g4Nkgv"
},
{
"title": "Patch for Heap Buffer Overflow Vulnerability in Cisco Small Business Series Switches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/478341"
},
{
"title": "Cisco Small Business Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=239223"
},
{
"title": "Cisco: Cisco Small Business Series Switches Buffer Overflow Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-sg-web-multi-S9g4Nkgv"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"db": "VULMON",
"id": "CVE-2023-20024"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1727"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"db": "NVD",
"id": "CVE-2023-20024"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sg-web-multi-s9g4nkgv"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20024"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.2892"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-20024/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"db": "VULMON",
"id": "CVE-2023-20024"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1727"
},
{
"db": "NVD",
"id": "CVE-2023-20024"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"db": "VULMON",
"id": "CVE-2023-20024"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1727"
},
{
"db": "NVD",
"id": "CVE-2023-20024"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"date": "2023-05-18T00:00:00",
"db": "VULMON",
"id": "CVE-2023-20024"
},
{
"date": "2023-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"date": "2023-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202305-1727"
},
{
"date": "2023-05-18T03:15:09.590000",
"db": "NVD",
"id": "CVE-2023-20024"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"date": "2023-05-18T00:00:00",
"db": "VULMON",
"id": "CVE-2023-20024"
},
{
"date": "2023-12-12T05:23:00",
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"date": "2023-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202305-1727"
},
{
"date": "2023-11-07T04:05:46.733000",
"db": "NVD",
"id": "CVE-2023-20024"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202305-1727"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic Buffer Overflow Vulnerability in Multiple Cisco Systems Products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202305-1727"
}
],
"trust": 0.6
}
}