Search criteria
15 vulnerabilities found for sg500-28mpp by cisco
VAR-202209-1859
Vulnerability from variot - Updated: 2025-11-18 15:12Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers. Layer-2 (L2) network security controls provided by various devices, such as switches, routers, and operating systems, can be bypassed by stacking Ethernet protocol headers. An attacker can send crafted packets through vulnerable devices to cause Denial-of-service (DoS) or to perform a man-in-the-middle (MitM) attack against a target network.CVE-2021-27853 Affected CVE-2021-27854 Affected CVE-2021-27861 Affected CVE-2021-27862 AffectedCVE-2021-27853 Affected CVE-2021-27854 Affected CVE-2021-27861 Affected CVE-2021-27862 Affected. IEEE of ieee 802.2 Products from multiple other vendors contain vulnerabilities related to authentication bypass through spoofing.Information may be tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202209-1859",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "meraki ms420",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 93108tc-fx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-x9464px",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9736pq",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus x9636q-r",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "meraki ms350",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "nexus 9516",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-x9736c-ex",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "catalyst 6509-v-e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "nexus 93108tc-ex",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sg500-28mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "n9k-c9348d-gx2a",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sf-500-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "meraki ms250",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 9364c-gx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-x9636c-rx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9336c-fx2-e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sf500-18p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "17.4.1"
},
{
"model": "meraki ms450",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "catalyst 6503-e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "n9k-x9788tc-fx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9716d-gx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sf500-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "sg500x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "nexus 93108tc-fx3p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9636pq",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-x9636c-r",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sg500-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "sg500x-24mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "nexus 92160yc-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "catalyst c6840-x-le-40g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "sg500-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "802.2",
"scope": "lte",
"trust": 1.0,
"vendor": "ieee",
"version": "802.2h-1997"
},
{
"model": "sg500-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "catalyst 6880-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "nexus 93240yc-fx2",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "catalyst 6506-e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "n9k-x9564px",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9508",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-c93600cd-gx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sg500x-48mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "17.6.1"
},
{
"model": "nexus 92348gc-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9536pq",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "meraki ms390",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 6509-neb-a",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "catalyst 6509-e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "n9k-x9732c-fx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "meraki ms425",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 9236c",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9504",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 93120tx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9364c",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-x9464tx2",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-x9732c-ex",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "meraki ms410",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 93216tc-fx2",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-c9364d-gx2a",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.2\\(07\\)e03"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.2\\(07\\)e02"
},
{
"model": "meraki ms210",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 93180yc-fx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 92304qc",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "catalyst 6513-e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "catalyst c6824-x-le-40g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "catalyst c6832-x-le",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "sg500-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "nexus 92300yc",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 93360yc-fx2",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 93180yc-fx3",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9348gc-fxp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sf500-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "n9k-c9316d-gx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9272q",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "catalyst 6800ia",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "catalyst 6840-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "nexus 9800",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sg500-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "catalyst 6504-e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "nexus 93180yc-ex",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sg500x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "sg500x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "n9k-x9564tx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sf500-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "n9k-x9432c-s",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "17.3.3"
},
{
"model": "n9k-x9736c-fx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-c9332d-gx2b",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "p802.1q",
"scope": "lte",
"trust": 1.0,
"vendor": "ietf",
"version": "d1.0"
},
{
"model": "catalyst 6807-xl",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "nexus 9432pq",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9336c-fx2",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9332c",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "meraki ms355",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst c6816-x-le",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "n9k-x97160yc-ex",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "meraki ms225",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "cisco ios xe",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "802.2",
"scope": null,
"trust": 0.8,
"vendor": "ieee",
"version": null
},
{
"model": "catalyst 6509-e",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6840-x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6509-neb-a",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6506-e",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst c6816-x-le",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "ios xe",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst c6824-x-le-40g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6509-v-e",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "p802.1q",
"scope": null,
"trust": 0.8,
"vendor": "\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u6280\u8853\u30bf\u30b9\u30af\u30d5\u30a9\u30fc\u30b9 ietf",
"version": null
},
{
"model": "catalyst 6880-x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6807-xl",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst c6832-x-le",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6800ia",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst c6840-x-le-40g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6503-e",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6504-e",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6513-e",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"db": "NVD",
"id": "CVE-2021-27853"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This document was written by Timur Snoke.Statement Date:\u00a0\u00a0 September 27, 2022",
"sources": [
{
"db": "CERT/CC",
"id": "VU#855201"
}
],
"trust": 0.8
},
"cve": "CVE-2021-27853",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27853",
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-27853",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-27853",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2021-27853",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-27853",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202209-2794",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202209-2794"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"db": "NVD",
"id": "CVE-2021-27853"
},
{
"db": "NVD",
"id": "CVE-2021-27853"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers. Layer-2 (L2) network security controls provided by various devices, such as switches, routers, and operating systems, can be bypassed by stacking Ethernet protocol headers. An attacker can send crafted packets through vulnerable devices to cause Denial-of-service (DoS) or to perform a man-in-the-middle (MitM) attack against a target network.CVE-2021-27853 Affected\nCVE-2021-27854 Affected\nCVE-2021-27861 Affected\nCVE-2021-27862 AffectedCVE-2021-27853 Affected\nCVE-2021-27854 Affected\nCVE-2021-27861 Affected\nCVE-2021-27862 Affected. IEEE of ieee 802.2 Products from multiple other vendors contain vulnerabilities related to authentication bypass through spoofing.Information may be tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27853"
},
{
"db": "CERT/CC",
"id": "VU#855201"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"db": "VULMON",
"id": "CVE-2021-27853"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-27853",
"trust": 4.1
},
{
"db": "CERT/CC",
"id": "VU#855201",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020376",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.4805",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202209-2794",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-27853",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#855201"
},
{
"db": "VULMON",
"id": "CVE-2021-27853"
},
{
"db": "CNNVD",
"id": "CNNVD-202209-2794"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"db": "NVD",
"id": "CVE-2021-27853"
}
]
},
"id": "VAR-202209-1859",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2025-11-18T15:12:14.158000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "draft-ietf-v6ops-ra-guard-08 Cisco Systems Cisco\u00a0Security\u00a0Advisory",
"trust": 0.8,
"url": "https://standards.ieee.org/ieee/802.1Q/10323/"
},
{
"title": "Multiple Cisco Product security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=209667"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202209-2794"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020376"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-290",
"trust": 1.0
},
{
"problemtype": "Avoid authentication by spoofing (CWE-290) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"db": "NVD",
"id": "CVE-2021-27853"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://blog.champtar.fr/vlan0_llc_snap/"
},
{
"trust": 2.4,
"url": "https://kb.cert.org/vuls/id/855201"
},
{
"trust": 1.7,
"url": "https://standards.ieee.org/ieee/802.2/1048/"
},
{
"trust": 1.7,
"url": "https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/"
},
{
"trust": 1.7,
"url": "https://standards.ieee.org/ieee/802.1q/10323/"
},
{
"trust": 1.7,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-vu855201-j3z8cktx"
},
{
"trust": 1.0,
"url": "https://www.kb.cert.org/vuls/id/855201"
},
{
"trust": 0.8,
"url": "https://jvn.jp/ta/jvnta96784241/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27853"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-27853/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4805"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/cisco-juniper-ingress-filtrering-bypass-via-layer-2-39380"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-27853"
},
{
"db": "CNNVD",
"id": "CNNVD-202209-2794"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"db": "NVD",
"id": "CVE-2021-27853"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#855201"
},
{
"db": "VULMON",
"id": "CVE-2021-27853"
},
{
"db": "CNNVD",
"id": "CNNVD-202209-2794"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"db": "NVD",
"id": "CVE-2021-27853"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-27T00:00:00",
"db": "CERT/CC",
"id": "VU#855201"
},
{
"date": "2022-09-27T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27853"
},
{
"date": "2022-09-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202209-2794"
},
{
"date": "2023-10-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"date": "2022-09-27T18:15:09.527000",
"db": "NVD",
"id": "CVE-2021-27853"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-03T00:00:00",
"db": "CERT/CC",
"id": "VU#855201"
},
{
"date": "2022-09-27T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27853"
},
{
"date": "2022-10-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202209-2794"
},
{
"date": "2023-10-20T06:17:00",
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"date": "2025-11-04T20:15:59.233000",
"db": "NVD",
"id": "CVE-2021-27853"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202209-2794"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "L2 network security controls can be bypassed using VLAN 0 stacking and/or 802.3 headers",
"sources": [
{
"db": "CERT/CC",
"id": "VU#855201"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202209-2794"
}
],
"trust": 0.6
}
}
VAR-201709-1073
Vulnerability from variot - Updated: 2025-04-20 23:42A vulnerability in the Secure Shell (SSH) subsystem of Cisco Small Business Managed Switches software could allow an authenticated, remote attacker to cause a reload of the affected switch, resulting in a denial of service (DoS) condition. The vulnerability is due to improper processing of SSH connections. An attacker could exploit this vulnerability by logging in to an affected switch via SSH and sending a malicious SSH message. This vulnerability affects the following Cisco products when SSH is enabled: Small Business 300 Series Managed Switches, Small Business 500 Series Stackable Managed Switches, 350 Series Managed Switches, 350X Series Stackable Managed Switches, 550X Series Stackable Managed Switches, ESW2 Series Advanced Switches. Cisco Bug IDs: CSCvb48377. plural Cisco The product contains a buffer error vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvb48377 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. CiscoSmallBusiness300SeriesManagedSwitches, etc. are all Cisco (Cisco) switch devices. SecureShell (SSH) subsystem is one of the data encryption transmission subsystems. A denial of service vulnerability exists in the SSH subsystem of several Cisco products due to a program failing to properly handle SSH connections
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-1073",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sg550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg350-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg300-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sf550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sf302-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg550x-24mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sf550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sf302-08mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sf300-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg500-28mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sf500-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg350x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sf300-48pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg300-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "esw2-350g-52dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg300-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg300-10sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg300-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg500-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "esw2-350g-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sx550x-24ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sf550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sf550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sf300-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sf350-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sf500-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sf550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sf550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg500-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg350xg-48t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg500x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg350x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg300-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg300-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg500-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg300-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg300-10pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg350-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg350-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg500x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sf300-24pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg500x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "esw2-550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg350x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg350xg-24f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg350x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "esw2-550x-48dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg350-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sf300-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sf302-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg350xg-24t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sf302-08mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg300-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg300-20",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sf350-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg300-10mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg350-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sx550x-16ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg500x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg300-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sf500-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg350-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sf302-08pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sf300-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg300-28pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sf300-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sx550x-12f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg500xg-8f8t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg355-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg350x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sf300-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sf350-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sx550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg350x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sx550x-24f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sg500-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sx550x-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "sf500-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg500-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "sg350xg-2f10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.0.130"
},
{
"model": "series managed switches",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3500"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "350x0"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "550x0"
},
{
"model": "esw2 series advanced switches",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "0"
},
{
"model": "small business series managed switch",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3000"
},
{
"model": "small business series stackable managed switch",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "5000"
},
{
"model": "350 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "350x series stackable managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "550x series stackable managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "esw2 series expansion switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business 300 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business 500 series stackable managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business 350 series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business 500 series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "esw2 series advanced switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business 550x series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business 350x series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business 300 series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business series stackable managed switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.8.06"
},
{
"model": "small business series managed switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.8.06"
},
{
"model": "esw2 series advanced switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.8.06"
},
{
"model": "series stackable managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "550x2.3.0.130"
},
{
"model": "series stackable managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "350x2.3.0.130"
},
{
"model": "series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3502.3.0.130"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34211"
},
{
"db": "BID",
"id": "100933"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008421"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1028"
},
{
"db": "NVD",
"id": "CVE-2017-6720"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:small_business_350_series_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_350x_series_stackable_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_550x_series_stackable_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:esw2_series_advanced_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_300_series_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_500_series_stackable_managed_switches_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008421"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alessandro Celestra of TLogos.",
"sources": [
{
"db": "BID",
"id": "100933"
}
],
"trust": 0.3
},
"cve": "CVE-2017-6720",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2017-6720",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-6720",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-34211",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-114923",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2017-6720",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-6720",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-6720",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-6720",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-34211",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-1028",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-114923",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34211"
},
{
"db": "VULHUB",
"id": "VHN-114923"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008421"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1028"
},
{
"db": "NVD",
"id": "CVE-2017-6720"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the Secure Shell (SSH) subsystem of Cisco Small Business Managed Switches software could allow an authenticated, remote attacker to cause a reload of the affected switch, resulting in a denial of service (DoS) condition. The vulnerability is due to improper processing of SSH connections. An attacker could exploit this vulnerability by logging in to an affected switch via SSH and sending a malicious SSH message. This vulnerability affects the following Cisco products when SSH is enabled: Small Business 300 Series Managed Switches, Small Business 500 Series Stackable Managed Switches, 350 Series Managed Switches, 350X Series Stackable Managed Switches, 550X Series Stackable Managed Switches, ESW2 Series Advanced Switches. Cisco Bug IDs: CSCvb48377. plural Cisco The product contains a buffer error vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvb48377 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. CiscoSmallBusiness300SeriesManagedSwitches, etc. are all Cisco (Cisco) switch devices. SecureShell (SSH) subsystem is one of the data encryption transmission subsystems. A denial of service vulnerability exists in the SSH subsystem of several Cisco products due to a program failing to properly handle SSH connections",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6720"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008421"
},
{
"db": "CNVD",
"id": "CNVD-2017-34211"
},
{
"db": "BID",
"id": "100933"
},
{
"db": "VULHUB",
"id": "VHN-114923"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-6720",
"trust": 3.4
},
{
"db": "BID",
"id": "100933",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008421",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1028",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-34211",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-114923",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34211"
},
{
"db": "VULHUB",
"id": "VHN-114923"
},
{
"db": "BID",
"id": "100933"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008421"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1028"
},
{
"db": "NVD",
"id": "CVE-2017-6720"
}
]
},
"id": "VAR-201709-1073",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34211"
},
{
"db": "VULHUB",
"id": "VHN-114923"
}
],
"trust": 1.03338293
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34211"
}
]
},
"last_update_date": "2025-04-20T23:42:06.012000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20170920-sbms",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-sbms"
},
{
"title": "Patch for CiscoSmallBusinessManagedSwitches Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/104610"
},
{
"title": "Multiple Cisco product SSH Subsystem security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75044"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34211"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008421"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1028"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114923"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008421"
},
{
"db": "NVD",
"id": "CVE-2017-6720"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170920-sbms"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/100933"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6720"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6720"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34211"
},
{
"db": "VULHUB",
"id": "VHN-114923"
},
{
"db": "BID",
"id": "100933"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008421"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1028"
},
{
"db": "NVD",
"id": "CVE-2017-6720"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-34211"
},
{
"db": "VULHUB",
"id": "VHN-114923"
},
{
"db": "BID",
"id": "100933"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008421"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1028"
},
{
"db": "NVD",
"id": "CVE-2017-6720"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34211"
},
{
"date": "2017-09-21T00:00:00",
"db": "VULHUB",
"id": "VHN-114923"
},
{
"date": "2017-09-20T00:00:00",
"db": "BID",
"id": "100933"
},
{
"date": "2017-10-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008421"
},
{
"date": "2017-09-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-1028"
},
{
"date": "2017-09-21T05:29:01.043000",
"db": "NVD",
"id": "CVE-2017-6720"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34211"
},
{
"date": "2020-09-04T00:00:00",
"db": "VULHUB",
"id": "VHN-114923"
},
{
"date": "2017-09-20T00:00:00",
"db": "BID",
"id": "100933"
},
{
"date": "2017-10-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008421"
},
{
"date": "2020-10-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-1028"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-6720"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-1028"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Product buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008421"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-1028"
}
],
"trust": 0.6
}
}
VAR-202001-1199
Vulnerability from variot - Updated: 2024-11-23 23:11A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this vulnerability by sending a malicious request to the web interface of an affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. This vulnerability affects firmware releases prior than 1.3.7.18
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202001-1199",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sg300-10sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf500-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf300-24pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf500-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf300-48pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf300-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-28pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf300-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf300-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500-28mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-24fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf302-08pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-10fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500xg-8f8t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-20",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf302-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf300-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf300-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf300-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-50fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-26fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf500-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf302-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf302-08mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-10mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-10pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf302-08mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf500-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "cisco sg200-08p",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco sg200-08",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco sg200-10fp",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco sg200-18",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco sg200-26fp",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco sg200-26p",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco sg200-26",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco sg200-50fp",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco sg200-50p",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco sg200-50",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "small business switches",
"scope": "lt",
"trust": 0.6,
"vendor": "cisco",
"version": "1.3.7.18"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-04819"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001525"
},
{
"db": "NVD",
"id": "CVE-2020-3147"
}
]
},
"cve": "CVE-2020-3147",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-3147",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-04819",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-3147",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-3147",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-3147",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-3147",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2020-3147",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2020-3147",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-04819",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202001-1345",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-04819"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001525"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-1345"
},
{
"db": "NVD",
"id": "CVE-2020-3147"
},
{
"db": "NVD",
"id": "CVE-2020-3147"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this vulnerability by sending a malicious request to the web interface of an affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. This vulnerability affects firmware releases prior than 1.3.7.18",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-3147"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001525"
},
{
"db": "CNVD",
"id": "CNVD-2020-04819"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-3147",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001525",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-04819",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202001-1345",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-04819"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001525"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-1345"
},
{
"db": "NVD",
"id": "CVE-2020-3147"
}
]
},
"id": "VAR-202001-1199",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-04819"
}
],
"trust": 1.4
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-04819"
}
]
},
"last_update_date": "2024-11-23T23:11:35.220000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-smlbus-switch-dos-R6VquS2u",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smlbus-switch-dos-R6VquS2u"
},
{
"title": "Patch for Cisco Small Business Switches web UI denial of service vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/200969"
},
{
"title": "Cisco Small Business Switches Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=109804"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-04819"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001525"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-1345"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.0
},
{
"problemtype": "Incorrect input confirmation (CWE-20) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-001525"
},
{
"db": "NVD",
"id": "CVE-2020-3147"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3147"
},
{
"trust": 1.6,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-smlbus-switch-dos-r6vqus2u"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-04819"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001525"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-1345"
},
{
"db": "NVD",
"id": "CVE-2020-3147"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-04819"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001525"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-1345"
},
{
"db": "NVD",
"id": "CVE-2020-3147"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-04819"
},
{
"date": "2020-02-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-001525"
},
{
"date": "2020-01-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202001-1345"
},
{
"date": "2020-01-30T19:15:11.790000",
"db": "NVD",
"id": "CVE-2020-3147"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-04819"
},
{
"date": "2020-02-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-001525"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202001-1345"
},
{
"date": "2024-11-21T05:30:25.373000",
"db": "NVD",
"id": "CVE-2020-3147"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco\u00a0Small\u00a0Business\u00a0Switch\u00a0 Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-001525"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202001-1345"
}
],
"trust": 0.6
}
}
VAR-201907-0394
Vulnerability from variot - Updated: 2024-11-23 23:01A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a user's HTTP request and modifying it into a request that causes the web interface to redirect the user to a specific malicious URL. This type of vulnerability is known as an open redirect attack and is used in phishing attacks that get users to unknowingly visit malicious sites. CiscoSmallBusiness200SeriesManagedSwitches, etc. are products of Cisco. CiscoSmallBusiness200SeriesManagedSwitches is a 200 Series Managed Switch. Security vulnerabilities exist in CiscoSmallBusiness200, 300, and 500Switches. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible. This issue is being tracked by Cisco Bug ID CSCvp23218.
Can change to different domain under the host header and redirect the request to fake website and can be used for phishing attack also can be used for domain fronting.
Normal Request
GET / HTTP/1.1 Host: 10.1.1.120 Accept-Encoding: gzip, deflate Accept: / Accept-Language: en-US,en-GB;q=0.9,en;q=0.8 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36 Connection: close Cache-Control: max-age=0
Normal Response
HTTP/1.1 302 Redirect Server: GoAhead-Webs Date: Fri Mar 07 09:40:22 2014 Connection: close Pragma: no-cache Cache-Control: no-cache Content-Type: text/html Location: https://10.21.151.120/cs703dae2c/
This document has moved to a new location. Please update your documents to reflect the new location.POC
Host Header changed to different domain (example google.com).
Request:
GET /cs703dae2c HTTP/1.1 Host: google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-GB,en;q=0.5 Accept-Encoding: gzip, deflate Connection: close Cookie: activeLangId=English; isStackableDevice=false Upgrade-Insecure-Requests: 1
Response:
HTTP/1.1 302 Redirect activeLangId=English; isStackableDevice=falseServer: GoAhead-Webs Date: Fri Mar 07 09:45:26 2014 Connection: close Pragma: no-cache Cache-Control: no-cache Content-Type: text/html Location: http://google.com/cs703dae2c/config/log_off_page.htm
This document has moved to a new location. Please update your documents to reflect the new location.The redirection is happening to http://google.com/cs703dae2c/config/log_off_page.htm. The attacker need to be in same network and should be able to modify the victims request on the wire in order to trigger this vulnerabilty.
Attack Vector:
Can be used for domain fronting.
curl -k --header "Host: attack.host.net" "domainname of the cisco device"
Vendor Response:
Issue 1: Due to the limited information given out, we are not considering it a vulnerability as such. Still, it would be better if it was not happening, so, we will treat it as a hardening enhancement.
Issue 2: The developers won't be able to provide a fix for this in the short term (90 days), so, we are planning to disclose this issue through an advisory on July 17th 2019.
We have assigned CVE CVE-2019-1943 for this issue.
Reference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-sbss-redirect
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0394",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sg200-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf500-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf300-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf300-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf302-08p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-10fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-10mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500-28mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf200-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500xg-8f8t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf300-24pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg500-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-28pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf300-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg200-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf302-08pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sg300-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf500-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-20",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf200-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.7.18"
},
{
"model": "sf200-24fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-10fp",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-18",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26fp",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50fp",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "300"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "200"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "500"
},
{
"model": "small business series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "small business series smart switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2000"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"db": "BID",
"id": "109288"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"db": "NVD",
"id": "CVE-2019-1943"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:sg200-08_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-08p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-10fp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-18_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26fp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50fp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50p_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ramikan,Ramikan of CT Pentest .",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-779"
}
],
"trust": 0.6
},
"cve": "CVE-2019-1943",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2019-1943",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CNVD-2019-23151",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-151875",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2019-1943",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.6,
"id": "CVE-2019-1943",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-1943",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-1943",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-1943",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-23151",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-779",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-151875",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"db": "VULHUB",
"id": "VHN-151875"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-779"
},
{
"db": "NVD",
"id": "CVE-2019-1943"
},
{
"db": "NVD",
"id": "CVE-2019-1943"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a user\u0027s HTTP request and modifying it into a request that causes the web interface to redirect the user to a specific malicious URL. This type of vulnerability is known as an open redirect attack and is used in phishing attacks that get users to unknowingly visit malicious sites. CiscoSmallBusiness200SeriesManagedSwitches, etc. are products of Cisco. CiscoSmallBusiness200SeriesManagedSwitches is a 200 Series Managed Switch. Security vulnerabilities exist in CiscoSmallBusiness200, 300, and 500Switches. \nAn attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible. \nThis issue is being tracked by Cisco Bug ID CSCvp23218. \n\n*************************************************************************************************************************************\n\nCan change to different domain under the host header and redirect the request to fake website and can be used for phishing attack also can be used for domain fronting. \n\nNormal Request\n\nGET / HTTP/1.1\nHost: 10.1.1.120\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: en-US,en-GB;q=0.9,en;q=0.8\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36\nConnection: close\nCache-Control: max-age=0\n\nNormal Response\n\nHTTP/1.1 302 Redirect\nServer: GoAhead-Webs\nDate: Fri Mar 07 09:40:22 2014\nConnection: close\nPragma: no-cache\nCache-Control: no-cache\nContent-Type: text/html\nLocation: https://10.21.151.120/cs703dae2c/\n\n\u003chtml\u003e\u003chead\u003e\u003c/head\u003e\u003cbody\u003e\n This document has moved to a new \u003ca href=\"https://10.1.1.120/cs703dae2c/\"\u003elocation\u003c/a\u003e. \n Please update your documents to reflect the new location. \n \u003c/body\u003e\u003c/html\u003e\n*************************************************************************************************************************************\nPOC \n*************************************************************************************************************************************\n\nHost Header changed to different domain (example google.com). \n\nRequest:\n\nGET /cs703dae2c HTTP/1.1\nHost: google.com\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nAccept-Language: en-GB,en;q=0.5\nAccept-Encoding: gzip, deflate\nConnection: close\nCookie: activeLangId=English; isStackableDevice=false\nUpgrade-Insecure-Requests: 1\n\n\nResponse:\n\nHTTP/1.1 302 Redirect\nactiveLangId=English; isStackableDevice=falseServer: GoAhead-Webs\nDate: Fri Mar 07 09:45:26 2014\nConnection: close\nPragma: no-cache\nCache-Control: no-cache\nContent-Type: text/html\nLocation: http://google.com/cs703dae2c/config/log_off_page.htm\n\n\u003chtml\u003e\u003chead\u003e\u003c/head\u003e\u003cbody\u003e\n This document has moved to a new \u003ca href=\"http://google.com/cs703dae2c/config/log_off_page.htm\"\u003elocation\u003c/a\u003e. \n Please update your documents to reflect the new location. \n \u003c/body\u003e\u003c/html\u003e\n\n\nThe redirection is happening to http://google.com/cs703dae2c/config/log_off_page.htm. The attacker need to be in same network and should be able to modify the victims request on the wire in order to trigger this vulnerabilty. \n\n*************************************************************************************************************************************\nAttack Vector:\n*************************************************************************************************************************************\nCan be used for domain fronting. \n\ncurl -k --header \"Host: attack.host.net\" \"domainname of the cisco device\"\n\n\n*************************************************************************************************************************************\nVendor Response:\n*************************************************************************************************************************************\n\nIssue 1:\nDue to the limited information given out, we are not considering it a vulnerability as such. Still, it would be better if it was not happening, so, we will treat it as a hardening enhancement. \n\nIssue 2:\nThe developers won\u0027t be able to provide a fix for this in the short term (90 days), so, we are planning to disclose this issue through an advisory on July 17th 2019. \n\nWe have assigned CVE CVE-2019-1943 for this issue. \n\nReference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-sbss-redirect\n*************************************************************************************************************************************\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-1943"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"db": "BID",
"id": "109288"
},
{
"db": "VULHUB",
"id": "VHN-151875"
},
{
"db": "PACKETSTORM",
"id": "153629"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-1943",
"trust": 3.5
},
{
"db": "BID",
"id": "109288",
"trust": 2.0
},
{
"db": "PACKETSTORM",
"id": "153629",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007074",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201907-779",
"trust": 0.7
},
{
"db": "CXSECURITY",
"id": "WLB-2019070068",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2019-23151",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "43839",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "47118",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2681",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-151875",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"db": "VULHUB",
"id": "VHN-151875"
},
{
"db": "BID",
"id": "109288"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"db": "PACKETSTORM",
"id": "153629"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-779"
},
{
"db": "NVD",
"id": "CVE-2019-1943"
}
]
},
"id": "VAR-201907-0394",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"db": "VULHUB",
"id": "VHN-151875"
}
],
"trust": 1.1270171866666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23151"
}
]
},
"last_update_date": "2024-11-23T23:01:48.354000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20190717-sbss-redirect",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-sbss-redirect"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-601",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-151875"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"db": "NVD",
"id": "CVE-2019-1943"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190717-sbss-redirect"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/109288"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1943"
},
{
"trust": 0.9,
"url": "http://www.cisco.com/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1943"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/issue/wlb-2019070068http"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/43839"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/153629/cisco-small-business-switch-information-leakage-open-redirect.html"
},
{
"trust": 0.6,
"url": "https://www.exploit-db.com/exploits/47118"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2681/"
},
{
"trust": 0.1,
"url": "http://google.com/cs703dae2c/config/log_off_page.htm\"\u003elocation\u003c/a\u003e."
},
{
"trust": 0.1,
"url": "http://google.com/cs703dae2c/config/log_off_page.htm"
},
{
"trust": 0.1,
"url": "https://www.cisco.com/c/en/us/products/switches/small-business-300-series-managed-switches/index.html"
},
{
"trust": 0.1,
"url": "https://10.1.1.120/cs703dae2c/\"\u003elocation\u003c/a\u003e."
},
{
"trust": 0.1,
"url": "http://fact-in-hack.blogspot.com"
},
{
"trust": 0.1,
"url": "http://google.com/cs703dae2c/config/log_off_page.htm."
},
{
"trust": 0.1,
"url": "https://10.21.151.120/cs703dae2c/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"db": "VULHUB",
"id": "VHN-151875"
},
{
"db": "BID",
"id": "109288"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"db": "PACKETSTORM",
"id": "153629"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-779"
},
{
"db": "NVD",
"id": "CVE-2019-1943"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"db": "VULHUB",
"id": "VHN-151875"
},
{
"db": "BID",
"id": "109288"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"db": "PACKETSTORM",
"id": "153629"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-779"
},
{
"db": "NVD",
"id": "CVE-2019-1943"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"date": "2019-07-17T00:00:00",
"db": "VULHUB",
"id": "VHN-151875"
},
{
"date": "2019-07-17T00:00:00",
"db": "BID",
"id": "109288"
},
{
"date": "2019-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"date": "2019-07-15T02:22:22",
"db": "PACKETSTORM",
"id": "153629"
},
{
"date": "2019-07-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-779"
},
{
"date": "2019-07-17T21:15:12.453000",
"db": "NVD",
"id": "CVE-2019-1943"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-23151"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-151875"
},
{
"date": "2019-07-17T00:00:00",
"db": "BID",
"id": "109288"
},
{
"date": "2019-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-007074"
},
{
"date": "2019-08-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-779"
},
{
"date": "2024-11-21T04:37:44.213000",
"db": "NVD",
"id": "CVE-2019-1943"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-779"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Small Business Series redirect software open redirect vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007074"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-779"
}
],
"trust": 0.6
}
}
VAR-201905-0529
Vulnerability from variot - Updated: 2024-11-23 22:58A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Small Business Sx200, Sx300, Sx500, ESW2 Series Managed Switches and Small Business Sx250, Sx350, Sx550 Series Switches could allow an authenticated, remote attacker to cause the SNMP application of an affected device to cease processing traffic, resulting in the CPU utilization reaching one hundred percent. Manual intervention may be required before a device resumes normal operations. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a malicious SNMP packet to an affected device. A successful exploit could allow the attacker to cause the device to cease forwarding traffic, which could result in a denial of service (DoS) condition. Cisco has released firmware updates that address this vulnerability. plural Cisco The product is vulnerable to resource exhaustion.Service operation interruption (DoS) There is a possibility of being put into a state. CiscoSmallBusinessSwitch is the core series switch of cisco. The vulnerability stems from a network system or product that does not properly validate the input data. This issue is being tracked by Cisco Bug IDs CSCvn49346, CSCvn93730
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0529",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "esw2-350g52dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-12f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf300-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf302-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg550x-24mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf302-08mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sx550x-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-10pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-10sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf500-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf350-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf500-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf200-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf300-48pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf250-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x24mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-50hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf250-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-24ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-20",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf250-48hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg355-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "esw2-550x48dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg200-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf250-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf302-08mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-26hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500xg8f8t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf350-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-24f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-16ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-08hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf200-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf350-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg200-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "small business esw2 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx200 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx250 series switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx300 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx350 series switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx500 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx550 series switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx200 series managed switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx300 series managed switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx500 series managed switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business esw2 series managed switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx250 series switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx350 series switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business sx550 series switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "sx550 switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sx500 switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sx350 switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sx300 switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sx250 switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sx200 switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "small business series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5002.4.0.94"
},
{
"model": "esw2 series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"db": "BID",
"id": "108335"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"db": "NVD",
"id": "CVE-2019-1806"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:esw2_series_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sx200_series_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sx250_series_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sx300_series_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sx350_series_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sx500_series_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sx550_series_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Patrick S. Stuckenberger of August Manser AG",
"sources": [
{
"db": "BID",
"id": "108335"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-675"
}
],
"trust": 0.9
},
"cve": "CVE-2019-1806",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2019-1806",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-14709",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.1,
"id": "CVE-2019-1806",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.1,
"id": "CVE-2019-1806",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-1806",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-1806",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-1806",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-1806",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-14709",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-675",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-675"
},
{
"db": "NVD",
"id": "CVE-2019-1806"
},
{
"db": "NVD",
"id": "CVE-2019-1806"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Small Business Sx200, Sx300, Sx500, ESW2 Series Managed Switches and Small Business Sx250, Sx350, Sx550 Series Switches could allow an authenticated, remote attacker to cause the SNMP application of an affected device to cease processing traffic, resulting in the CPU utilization reaching one hundred percent. Manual intervention may be required before a device resumes normal operations. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a malicious SNMP packet to an affected device. A successful exploit could allow the attacker to cause the device to cease forwarding traffic, which could result in a denial of service (DoS) condition. Cisco has released firmware updates that address this vulnerability. plural Cisco The product is vulnerable to resource exhaustion.Service operation interruption (DoS) There is a possibility of being put into a state. CiscoSmallBusinessSwitch is the core series switch of cisco. The vulnerability stems from a network system or product that does not properly validate the input data. \nThis issue is being tracked by Cisco Bug IDs CSCvn49346, CSCvn93730",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-1806"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"db": "BID",
"id": "108335"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-1806",
"trust": 3.3
},
{
"db": "BID",
"id": "108335",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004726",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-14709",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.1752",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201905-675",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"db": "BID",
"id": "108335"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-675"
},
{
"db": "NVD",
"id": "CVE-2019-1806"
}
]
},
"id": "VAR-201905-0529",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-14709"
}
],
"trust": 1.2853298625
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-14709"
}
]
},
"last_update_date": "2024-11-23T22:58:40.702000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20190515-sb-snmpdos",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-sb-snmpdos"
},
{
"title": "Patches for multiple Cisco product input verification error vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/161529"
},
{
"title": "Multiple Cisco Product input verification error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92799"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-675"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-770",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 1.0
},
{
"problemtype": "CWE-400",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"db": "NVD",
"id": "CVE-2019-1806"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/108335"
},
{
"trust": 1.9,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-sb-snmpdos"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1806"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1806"
},
{
"trust": 0.6,
"url": "https://web.nvd.nist.gov//vuln/detail/cve-2019-1806"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/81090"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"db": "BID",
"id": "108335"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-675"
},
{
"db": "NVD",
"id": "CVE-2019-1806"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"db": "BID",
"id": "108335"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-675"
},
{
"db": "NVD",
"id": "CVE-2019-1806"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"date": "2019-05-15T00:00:00",
"db": "BID",
"id": "108335"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"date": "2019-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-675"
},
{
"date": "2019-05-15T22:29:00.247000",
"db": "NVD",
"id": "CVE-2019-1806"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-14709"
},
{
"date": "2019-05-15T00:00:00",
"db": "BID",
"id": "108335"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004726"
},
{
"date": "2019-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-675"
},
{
"date": "2024-11-21T04:37:25.137000",
"db": "NVD",
"id": "CVE-2019-1806"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-675"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Product depletion vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004726"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-675"
}
],
"trust": 0.6
}
}
VAR-201811-0177
Vulnerability from variot - Updated: 2024-11-23 22:48A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a privileged user account without notifying administrators of the system. An attacker could exploit this vulnerability by using this account to log in to an affected device and execute commands with full admin rights. Cisco has not released software updates that address this vulnerability. This advisory will be updated with fixed software information once fixed software becomes available. There is a workaround to address this vulnerability. CiscoSmallBusiness200SeriesSmartSwitches are small smart switch devices from Cisco. SmallBusinessSwitchesSoftware is a set of switch software that runs on it. This issue is being tracked by Cisco bugs CSCvk20713 and CSCvm11846
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0177",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sg250-50hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-2f10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-10fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-24t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-20",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500xg-8f8t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-48hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg355-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sx550x-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sx550x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sx550x-24ft",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-48t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-08hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sx550x-12f",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sx550x-16ft",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-24f",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sx550x-24f",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "series managed switches",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3500"
},
{
"model": "small business switches",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "550x"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "300"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "350x"
},
{
"model": "series smart switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "250"
},
{
"model": "small business series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "500"
},
{
"model": "small business series smart switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "200"
},
{
"model": "small business switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business series stackable managed switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "small business series smart switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2000"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "550x0"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "350x0"
},
{
"model": "series smart switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2500"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"db": "BID",
"id": "105873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
},
{
"db": "NVD",
"id": "CVE-2018-15439"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:small_business_switches",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
}
],
"trust": 0.6
},
"cve": "CVE-2018-15439",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-15439",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2019-00343",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-125698",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-15439",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-15439",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-15439",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-15439",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2018-15439",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-15439",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-00343",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-180",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-125698",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-15439",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"db": "VULHUB",
"id": "VHN-125698"
},
{
"db": "VULMON",
"id": "CVE-2018-15439"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
},
{
"db": "NVD",
"id": "CVE-2018-15439"
},
{
"db": "NVD",
"id": "CVE-2018-15439"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a privileged user account without notifying administrators of the system. An attacker could exploit this vulnerability by using this account to log in to an affected device and execute commands with full admin rights. Cisco has not released software updates that address this vulnerability. This advisory will be updated with fixed software information once fixed software becomes available. There is a workaround to address this vulnerability. CiscoSmallBusiness200SeriesSmartSwitches are small smart switch devices from Cisco. SmallBusinessSwitchesSoftware is a set of switch software that runs on it. \nThis issue is being tracked by Cisco bugs CSCvk20713 and CSCvm11846",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-15439"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"db": "BID",
"id": "105873"
},
{
"db": "VULHUB",
"id": "VHN-125698"
},
{
"db": "VULMON",
"id": "CVE-2018-15439"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-15439",
"trust": 3.5
},
{
"db": "BID",
"id": "105873",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-180",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-00343",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-125698",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-15439",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"db": "VULHUB",
"id": "VHN-125698"
},
{
"db": "VULMON",
"id": "CVE-2018-15439"
},
{
"db": "BID",
"id": "105873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
},
{
"db": "NVD",
"id": "CVE-2018-15439"
}
]
},
"id": "VAR-201811-0177",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"db": "VULHUB",
"id": "VHN-125698"
}
],
"trust": 1.2202628899999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00343"
}
]
},
"last_update_date": "2024-11-23T22:48:32.513000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20181107-sbsw-privacc",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-sbsw-privacc"
},
{
"title": "CiscoSmallBusinessSwitches authentication bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/149219"
},
{
"title": "Cisco Small Business Switches Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86652"
},
{
"title": "Cisco: Cisco Small Business Switches Privileged Access Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20181107-sbsw-privacc"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/critical-unpatched-cisco-flaw/141010/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-accidentally-released-dirty-cow-exploit-code-in-software/138888/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"db": "VULMON",
"id": "CVE-2018-15439"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-125698"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"db": "NVD",
"id": "CVE-2018-15439"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181107-sbsw-privacc"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/105873"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15439"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-15439"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/critical-unpatched-cisco-flaw/141010/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"db": "VULHUB",
"id": "VHN-125698"
},
{
"db": "VULMON",
"id": "CVE-2018-15439"
},
{
"db": "BID",
"id": "105873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
},
{
"db": "NVD",
"id": "CVE-2018-15439"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"db": "VULHUB",
"id": "VHN-125698"
},
{
"db": "VULMON",
"id": "CVE-2018-15439"
},
{
"db": "BID",
"id": "105873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
},
{
"db": "NVD",
"id": "CVE-2018-15439"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"date": "2018-11-08T00:00:00",
"db": "VULHUB",
"id": "VHN-125698"
},
{
"date": "2018-11-08T00:00:00",
"db": "VULMON",
"id": "CVE-2018-15439"
},
{
"date": "2018-11-07T00:00:00",
"db": "BID",
"id": "105873"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"date": "2018-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-180"
},
{
"date": "2018-11-08T17:29:00.607000",
"db": "NVD",
"id": "CVE-2018-15439"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-00343"
},
{
"date": "2020-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-125698"
},
{
"date": "2020-08-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-15439"
},
{
"date": "2018-11-07T00:00:00",
"db": "BID",
"id": "105873"
},
{
"date": "2019-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011646"
},
{
"date": "2020-10-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-180"
},
{
"date": "2024-11-21T03:50:48.200000",
"db": "NVD",
"id": "CVE-2018-15439"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Small Business Switches Vulnerability in the use of hard-coded credentials in software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011646"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-180"
}
],
"trust": 0.6
}
}
VAR-201907-0237
Vulnerability from variot - Updated: 2024-11-23 22:48A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this vulnerability by sending a malicious request to the web interface of an affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. This issue is being tracked by Cisco Bug IDs CSCvp43403, and CSCvp43417
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0237",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "esw2-350g52dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "esw2-550x48dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500xg8f8t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-48pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x24mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-20",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-18",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.9.0"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.2.04"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.7"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.9.0"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.2.04"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.0.88"
},
{
"model": "small business series managed switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.8.06"
},
{
"model": "small business series managed switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.2.7.76"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2001.4.2.04"
},
{
"model": "small business series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.10.6"
},
{
"model": "small business series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.10.6"
},
{
"model": "small business series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2001.4.10.6"
}
],
"sources": [
{
"db": "BID",
"id": "109039"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"db": "NVD",
"id": "CVE-2019-1891"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:sf200-24_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sf200-24p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sf200-48_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sf200-48p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-18_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg300-10_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "109039"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-235"
}
],
"trust": 0.9
},
"cve": "CVE-2019-1891",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-1891",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-1891",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-1891",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-1891",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-1891",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-235",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-235"
},
{
"db": "NVD",
"id": "CVE-2019-1891"
},
{
"db": "NVD",
"id": "CVE-2019-1891"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this vulnerability by sending a malicious request to the web interface of an affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. \nThis issue is being tracked by Cisco Bug IDs CSCvp43403, and CSCvp43417",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-1891"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"db": "BID",
"id": "109039"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-1891",
"trust": 2.7
},
{
"db": "BID",
"id": "109039",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006440",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.2440",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201907-235",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "109039"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-235"
},
{
"db": "NVD",
"id": "CVE-2019-1891"
}
]
},
"id": "VAR-201907-0237",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.33338292999999997
},
"last_update_date": "2024-11-23T22:48:22.054000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20190703-sbss-dos",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-sbss-dos"
},
{
"title": "Cisco\u00a0Small Business 200 , 300 and 500 Series Managed Switches Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94424"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-235"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"db": "NVD",
"id": "CVE-2019-1891"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190703-sbss-dos"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1891"
},
{
"trust": 0.9,
"url": "http://www.cisco.com/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1891"
},
{
"trust": 0.6,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190703-sbss-memcorrupt"
},
{
"trust": 0.6,
"url": "https://www.securityfocus.com/bid/109039"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2440/"
}
],
"sources": [
{
"db": "BID",
"id": "109039"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-235"
},
{
"db": "NVD",
"id": "CVE-2019-1891"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "109039"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-235"
},
{
"db": "NVD",
"id": "CVE-2019-1891"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-03T00:00:00",
"db": "BID",
"id": "109039"
},
{
"date": "2019-07-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"date": "2019-07-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-235"
},
{
"date": "2019-07-06T02:15:11.183000",
"db": "NVD",
"id": "CVE-2019-1891"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-03T00:00:00",
"db": "BID",
"id": "109039"
},
{
"date": "2019-07-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006440"
},
{
"date": "2019-07-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-235"
},
{
"date": "2024-11-21T04:37:37.573000",
"db": "NVD",
"id": "CVE-2019-1891"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-235"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Small Business Series Managed Switch Vulnerability related to input validation in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006440"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-235"
}
],
"trust": 0.6
}
}
VAR-201907-0231
Vulnerability from variot - Updated: 2024-11-23 22:48A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a memory corruption on an affected device. The vulnerability is due to improper validation of HTTPS packets. An attacker could exploit this vulnerability by sending a malformed HTTPS packet to the management web interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a denial of service (DoS) condition. Cisco Small Business 200 , 300 , 500 Series Managed Switch Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. are all products of Cisco. This issue is being tracked by Cisco Bug ID CSCvp43390
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0231",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "esw2-350g52dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "esw2-550x48dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500xg8f8t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-48pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x24mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-20",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-18",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business series",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "200\u003c1.4.10.6"
},
{
"model": "small business series",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "300\u003c1.4.10.6"
},
{
"model": "small business series",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "500\u003c1.4.10.6"
},
{
"model": "small business series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.9.0"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.2.04"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.7"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.9.0"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.2.04"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.0.88"
},
{
"model": "small business series managed switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.8.06"
},
{
"model": "small business series managed switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.2.7.76"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2001.4.9.04"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2001.4.2.04"
},
{
"model": "small business series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.10.6"
},
{
"model": "small business series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.10.6"
},
{
"model": "small business series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2001.4.10.6"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"db": "BID",
"id": "109042"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"db": "NVD",
"id": "CVE-2019-1892"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:sf200-24_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sf200-24p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sf200-48_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sf200-48p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-18_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg300-10_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco.",
"sources": [
{
"db": "BID",
"id": "109042"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-236"
}
],
"trust": 0.9
},
"cve": "CVE-2019-1892",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-1892",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-22321",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-1892",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-1892",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-1892",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-1892",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-22321",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-236",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-236"
},
{
"db": "NVD",
"id": "CVE-2019-1892"
},
{
"db": "NVD",
"id": "CVE-2019-1892"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a memory corruption on an affected device. The vulnerability is due to improper validation of HTTPS packets. An attacker could exploit this vulnerability by sending a malformed HTTPS packet to the management web interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a denial of service (DoS) condition. Cisco Small Business 200 , 300 , 500 Series Managed Switch Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. are all products of Cisco. \nThis issue is being tracked by Cisco Bug ID CSCvp43390",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-1892"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"db": "BID",
"id": "109042"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-1892",
"trust": 3.3
},
{
"db": "BID",
"id": "109042",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006441",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-22321",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2440",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201907-236",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"db": "BID",
"id": "109042"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-236"
},
{
"db": "NVD",
"id": "CVE-2019-1892"
}
]
},
"id": "VAR-201907-0231",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22321"
}
],
"trust": 1.0514219533333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22321"
}
]
},
"last_update_date": "2024-11-23T22:48:22.019000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20190703-sbss-memcorrupt",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-sbss-memcorrupt"
},
{
"title": "Patch for Cisco Small Business 200, 300, and 500 Series Managed Switches buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/213517"
},
{
"title": "Cisco\u00a0Small Business 200 , 300 and 500 Series Managed Switches Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94425"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-236"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"db": "NVD",
"id": "CVE-2019-1892"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1892"
},
{
"trust": 1.9,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190703-sbss-memcorrupt"
},
{
"trust": 0.9,
"url": "http://www.cisco.com/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1892"
},
{
"trust": 0.6,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190703-sbss-dos"
},
{
"trust": 0.6,
"url": "https://www.securityfocus.com/bid/109042"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2440/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"db": "BID",
"id": "109042"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-236"
},
{
"db": "NVD",
"id": "CVE-2019-1892"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"db": "BID",
"id": "109042"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-236"
},
{
"db": "NVD",
"id": "CVE-2019-1892"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"date": "2019-07-03T00:00:00",
"db": "BID",
"id": "109042"
},
{
"date": "2019-07-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"date": "2019-07-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-236"
},
{
"date": "2019-07-06T02:15:11.293000",
"db": "NVD",
"id": "CVE-2019-1892"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-22321"
},
{
"date": "2019-07-03T00:00:00",
"db": "BID",
"id": "109042"
},
{
"date": "2019-07-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006441"
},
{
"date": "2019-07-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-236"
},
{
"date": "2024-11-21T04:37:37.757000",
"db": "NVD",
"id": "CVE-2019-1892"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-236"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Small Business Series Managed Switch Product buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-236"
}
],
"trust": 0.6
}
}
VAR-201801-0345
Vulnerability from variot - Updated: 2024-11-23 22:42A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the affected system. An attacker could exploit this vulnerability by convincing a user to follow a malicious link or by intercepting a user request and injecting malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information. This vulnerability affects the following Cisco Small Business 300 and 500 Series Managed Switches: Cisco 350 Series Managed Switches, Cisco 350X Series Stackable Managed Switches, Cisco 550X Series Stackable Managed Switches, Cisco ESW2 Series Advanced Switches, Cisco Small Business 300 Series Managed Switches, Cisco Small Business 500 Series Stackable Managed Switches. Cisco Bug IDs: CSCvg29980. Vendors have confirmed this vulnerability Bug ID CSCvg29980 It is released as.Information may be obtained and information may be altered. Attackers can leverage these issues to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into having a false sense of trust. are all switching devices of Cisco (Cisco)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-0345",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sg350xg-2f10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf302-08mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg550x-48mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf500-24p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf550x-24p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "esw2-350g-52dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-10sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-52p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg500-52p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-10sfp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf500-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "esw2-550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf500-48",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sx550x-24ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf300-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350x-24mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg500-28mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf300-24pp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500-28mpp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg550x-24mpp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "esw2-350g-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-20",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg500x-48p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-10",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg355-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500x-48",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf302-08pp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg355-10p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sx550x-52",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg500-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf300-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350xg-24f",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-28mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf300-48p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg550x-24",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf300-08",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350x-48p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-10p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf302-08mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sx550x-24f",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-10pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sx550x-16ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350x-24",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf500-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-10pp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sx550x-16ft",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf500-24",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg500x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf300-24pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500x-24",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg550x-48",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-10mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg500-28",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg500-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-28pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf300-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350-10",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-28pp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf300-24p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-28",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "esw2-550x-48dc",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf300-24",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sx550x-12f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sx550x-12f",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350-10mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg550x-24mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350xg-24f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-20",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sx550x-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf300-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf300-24mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500-52mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350-10p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sx550x-24",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf550x-48mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf350-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-28p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf500-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf350-48mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350x-24p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf300-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500x-24p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf550x-24",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf300-48",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg500-28p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350xg-24t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf550x-24mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "esw2-550x-48dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500xg-8f8t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500xg-8f8t",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf302-08p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350xg-24t",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf300-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500-52",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf550x-48",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf500-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf350-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sx550x-24f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sx550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf500-48p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf350-48",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350xg-2f10",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "esw2-350g-52dc",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf302-08",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350xg-48t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf302-08mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "esw2-550x-48",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sx550x-24ft",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg550x-48p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350-28mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf300-48pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-52",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350xg-48t",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-52mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350x-48",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf302-08pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf300-48pp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg550x-24mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg550x-24p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf302-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "esw2-350g-52",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350x-48mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf350-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf302-08mpp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350-28p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf302-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf550x-48p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf350-48p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-10mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350-28",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-10mpp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "350 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "350x series stackable managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "550x series stackable managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "esw2 series expansion switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business 300 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business 500 series stackable managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business 350 series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business 500 series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "esw2 series advanced switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business 550x series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business 350x series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business 300 series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business series stackable managed switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.7"
},
{
"model": "small business series managed switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "small business series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "esw2 series advanced switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "550x0"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "350x0"
},
{
"model": "series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3500"
}
],
"sources": [
{
"db": "BID",
"id": "102733"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012150"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-633"
},
{
"db": "NVD",
"id": "CVE-2017-12308"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:small_business_350_series_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_350x_series_stackable_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_550x_series_stackable_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:esw2_series_advanced_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_300_series_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_500_series_stackable_managed_switches_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012150"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nicholas Lim",
"sources": [
{
"db": "BID",
"id": "102733"
}
],
"trust": 0.3
},
"cve": "CVE-2017-12308",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-12308",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-102817",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2017-12308",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2017-12308",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-12308",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-12308",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-633",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-102817",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-12308",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-102817"
},
{
"db": "VULMON",
"id": "CVE-2017-12308"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012150"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-633"
},
{
"db": "NVD",
"id": "CVE-2017-12308"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the affected system. An attacker could exploit this vulnerability by convincing a user to follow a malicious link or by intercepting a user request and injecting malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information. This vulnerability affects the following Cisco Small Business 300 and 500 Series Managed Switches: Cisco 350 Series Managed Switches, Cisco 350X Series Stackable Managed Switches, Cisco 550X Series Stackable Managed Switches, Cisco ESW2 Series Advanced Switches, Cisco Small Business 300 Series Managed Switches, Cisco Small Business 500 Series Stackable Managed Switches. Cisco Bug IDs: CSCvg29980. Vendors have confirmed this vulnerability Bug ID CSCvg29980 It is released as.Information may be obtained and information may be altered. \nAttackers can leverage these issues to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into having a false sense of trust. are all switching devices of Cisco (Cisco)",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12308"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012150"
},
{
"db": "BID",
"id": "102733"
},
{
"db": "VULHUB",
"id": "VHN-102817"
},
{
"db": "VULMON",
"id": "CVE-2017-12308"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12308",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012150",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-633",
"trust": 0.7
},
{
"db": "BID",
"id": "102733",
"trust": 0.5
},
{
"db": "VULHUB",
"id": "VHN-102817",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-12308",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-102817"
},
{
"db": "VULMON",
"id": "CVE-2017-12308"
},
{
"db": "BID",
"id": "102733"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012150"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-633"
},
{
"db": "NVD",
"id": "CVE-2017-12308"
}
]
},
"id": "VAR-201801-0345",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-102817"
}
],
"trust": 0.5514219533333333
},
"last_update_date": "2024-11-23T22:42:00.106000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20180117-300-500-smb2",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-300-500-smb2"
},
{
"title": "Cisco: Cisco Small Business 300 and 500 Series Managed Switches HTTP Response Splitting Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20180117-300-500-smb2"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-12308"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012150"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-113",
"trust": 1.9
},
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-102817"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012150"
},
{
"db": "NVD",
"id": "CVE-2017-12308"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180117-300-500-smb2"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12308"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12308"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/102733"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-102817"
},
{
"db": "VULMON",
"id": "CVE-2017-12308"
},
{
"db": "BID",
"id": "102733"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012150"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-633"
},
{
"db": "NVD",
"id": "CVE-2017-12308"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-102817"
},
{
"db": "VULMON",
"id": "CVE-2017-12308"
},
{
"db": "BID",
"id": "102733"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012150"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-633"
},
{
"db": "NVD",
"id": "CVE-2017-12308"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-18T00:00:00",
"db": "VULHUB",
"id": "VHN-102817"
},
{
"date": "2018-01-18T00:00:00",
"db": "VULMON",
"id": "CVE-2017-12308"
},
{
"date": "2018-01-11T00:00:00",
"db": "BID",
"id": "102733"
},
{
"date": "2018-02-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012150"
},
{
"date": "2018-01-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-633"
},
{
"date": "2018-01-18T06:29:00.267000",
"db": "NVD",
"id": "CVE-2017-12308"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-04T00:00:00",
"db": "VULHUB",
"id": "VHN-102817"
},
{
"date": "2020-09-04T00:00:00",
"db": "VULMON",
"id": "CVE-2017-12308"
},
{
"date": "2018-01-11T00:00:00",
"db": "BID",
"id": "102733"
},
{
"date": "2018-02-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012150"
},
{
"date": "2020-09-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-633"
},
{
"date": "2024-11-21T03:09:16.797000",
"db": "NVD",
"id": "CVE-2017-12308"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-633"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Small Business 300 Series and 500 In series managed switch software HTTP Response splitting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012150"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-633"
}
],
"trust": 0.6
}
}
VAR-201905-0600
Vulnerability from variot - Updated: 2024-11-23 22:33A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication. The vulnerability exists because OpenSSH mishandles the authentication process. An attacker could exploit this vulnerability by attempting to connect to the device via SSH. A successful exploit could allow the attacker to access the configuration as an administrative user if the default credentials are not changed. There are no workarounds available; however, if client-side certificate authentication is enabled, disable it and use strong password authentication. Client-side certificate authentication is disabled by default. Cisco Small Business Switches There is an authorization vulnerability in the software.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. An attacker can exploit this issue to bypass the authentication mechanism and gain unauthorized access. This may lead to further attacks. This issue is being tracked by Cisco bugs CSCvo28588, CSCvp35704
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0600",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sx550x-12f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf300-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-50fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-26fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350xg-24t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf302-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg550x-24mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350xg-24f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf200-24fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf302-08mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sx550x-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-10pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-10sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf500-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf350-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf500-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf200-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf300-48pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350xg-2f10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf250-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg300-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-50hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350xg-48t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf302-08pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-10fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500xg-8f8t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf250-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-24ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg200-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-20",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf250-48hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg355-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg200-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg200-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf250-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf302-08mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf500-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg250-26hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf350-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-24f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf200-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-28pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf300-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg500-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sx550x-16ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg250-08hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sf200-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf350-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg350-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg200-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg200-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg350-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.78"
},
{
"model": "sg500x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sg300-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "sf302-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.10.6"
},
{
"model": "200 series smart switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "250 series smart switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "350 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "350x series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "500 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business 300 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5002.4.0.92"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.2.04"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.2.04"
},
{
"model": "small business series smart switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2001.4.2.04"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "550x2.4.5.71"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "550x2.3.0.130"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "550x2.2.5.68"
},
{
"model": "series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "350x2.4.5.71"
},
{
"model": "series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3502.4.5.71"
},
{
"model": "series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3502.3.0.130"
},
{
"model": "series smart switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2502.4.5.71"
},
{
"model": "small business series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5001.4.10.6"
},
{
"model": "small business series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3001.4.10.6"
},
{
"model": "small business series smart switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2001.4.10.6"
},
{
"model": "series stackable managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "550x2.5.0.78"
},
{
"model": "series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "350x2.5.0.78"
},
{
"model": "series managed switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3502.5.0.78"
},
{
"model": "series smart switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2502.5.0.78"
}
],
"sources": [
{
"db": "BID",
"id": "108140"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"db": "NVD",
"id": "CVE-2019-1859"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:200_series_smart_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:250_series_smart_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_350_series_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:350x_series_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:500_series_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_300_series_managed_switches_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Katie Sexton and Jimi Sebree of Tenable Research.,Katie Sexton and Jimi Sebree of Tenable Research for reporting these vulnerabilities.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-054"
}
],
"trust": 0.6
},
"cve": "CVE-2019-1859",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2019-1859",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2019-1859",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2019-1859",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-1859",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-1859",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-1859",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-054",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-1859",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-1859"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-054"
},
{
"db": "NVD",
"id": "CVE-2019-1859"
},
{
"db": "NVD",
"id": "CVE-2019-1859"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication. The vulnerability exists because OpenSSH mishandles the authentication process. An attacker could exploit this vulnerability by attempting to connect to the device via SSH. A successful exploit could allow the attacker to access the configuration as an administrative user if the default credentials are not changed. There are no workarounds available; however, if client-side certificate authentication is enabled, disable it and use strong password authentication. Client-side certificate authentication is disabled by default. Cisco Small Business Switches There is an authorization vulnerability in the software.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. \nAn attacker can exploit this issue to bypass the authentication mechanism and gain unauthorized access. This may lead to further attacks. \nThis issue is being tracked by Cisco bugs CSCvo28588, CSCvp35704",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-1859"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"db": "BID",
"id": "108140"
},
{
"db": "VULMON",
"id": "CVE-2019-1859"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-1859",
"trust": 2.8
},
{
"db": "BID",
"id": "108140",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004454",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.1536",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201905-054",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-1859",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-1859"
},
{
"db": "BID",
"id": "108140"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-054"
},
{
"db": "NVD",
"id": "CVE-2019-1859"
}
]
},
"id": "VAR-201905-0600",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4270171866666667
},
"last_update_date": "2024-11-23T22:33:55.680000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20190501-scbv",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-scbv"
},
{
"title": "Multiple Cisco Product Authorization Issue Vulnerability Fixing Measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92197"
},
{
"title": "Cisco: Cisco Small Business Switches Secure Shell Certificate Authentication Bypass Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20190501-scbv"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-critical-nexus-9000-flaw/144290/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-1859"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-054"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-285",
"trust": 1.8
},
{
"problemtype": "CWE-295",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"db": "NVD",
"id": "CVE-2019-1859"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-scbv"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1859"
},
{
"trust": 0.9,
"url": "http://www.cisco.com/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1859"
},
{
"trust": 0.7,
"url": "https://www.securityfocus.com/bid/108140"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/80182"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/295.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/cisco-critical-nexus-9000-flaw/144290/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-1859"
},
{
"db": "BID",
"id": "108140"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-054"
},
{
"db": "NVD",
"id": "CVE-2019-1859"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2019-1859"
},
{
"db": "BID",
"id": "108140"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-054"
},
{
"db": "NVD",
"id": "CVE-2019-1859"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-03T00:00:00",
"db": "VULMON",
"id": "CVE-2019-1859"
},
{
"date": "2019-05-01T00:00:00",
"db": "BID",
"id": "108140"
},
{
"date": "2019-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"date": "2019-05-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-054"
},
{
"date": "2019-05-03T17:29:01.500000",
"db": "NVD",
"id": "CVE-2019-1859"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-13T00:00:00",
"db": "VULMON",
"id": "CVE-2019-1859"
},
{
"date": "2019-05-01T00:00:00",
"db": "BID",
"id": "108140"
},
{
"date": "2019-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004454"
},
{
"date": "2020-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-054"
},
{
"date": "2024-11-21T04:37:32.957000",
"db": "NVD",
"id": "CVE-2019-1859"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-054"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Small Business Switches Authorization vulnerabilities in software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004454"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-054"
}
],
"trust": 0.6
}
}
VAR-201910-0374
Vulnerability from variot - Updated: 2024-11-23 22:29A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the targeted user. If the user has administrative privileges, the attacker could alter the configuration, execute commands, or cause a denial of service (DoS) condition on an affected device. Cisco 250 Series Smart Switches, etc. are products of the United States Cisco (Cisco). The Cisco 250 Series Smart Switches is a 250 series smart switch. The Cisco 350 Series Managed Switches is a 350 series managed switch. 550X Series Stackable Managed Switches is a 550X Series managed switch. The vulnerability stems from the program's failure to provide adequate cross-site request forgery protection
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201910-0374",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sf250x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg300-10sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf200e-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf500-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf500-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf200-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-26hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg350-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg500x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf200-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf300-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf300-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg500-28mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg550x-24mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg300-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg300-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg200-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg355-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf250-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg500x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg200-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg300-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf200-24fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11"
},
{
"model": "sf250x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf200e-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg200-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg200-10fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf302-08pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg500xg-8f8t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sx550x-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg350-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf350-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg300-20",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf250-50",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf250x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg500-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf300-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf300-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf500-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg350-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg200-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg200-50p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg300-10pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sx550x-24ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf302-08mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf500-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg500x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf300-24pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg300-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg300-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg500-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf300-48pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-50hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf250-26",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sx550x-12f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg300-28pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-48hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf300-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg500-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg500-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf200e48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf250-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf250-26p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf200-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg300-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg200-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg200-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-08hp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg500x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf350-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg300-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sx550x-24f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf302-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sx550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf200e-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg350-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf300-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg200-50fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg200-26fp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf200-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11"
},
{
"model": "sx550x-16ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf302-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg300-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg500-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg300-10mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf350-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sf302-08mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sf250-18",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg350-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "sg300-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.11.02"
},
{
"model": "sg350-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.0.90"
},
{
"model": "250 series smart switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "350 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "550x series stackable managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "series smart switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "250"
},
{
"model": "series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "350"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "550x"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39610"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"db": "NVD",
"id": "CVE-2019-12636"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:250_series_smart_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_350_series_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_550x_series_stackable_managed_switches_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marcin Mol of Securitum, Poland .",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201910-1107"
}
],
"trust": 0.6
},
"cve": "CVE-2019-12636",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2019-12636",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2019-39610",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-12636",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2019-12636",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-12636",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-12636",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-12636",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-12636",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-39610",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201910-1107",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39610"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1107"
},
{
"db": "NVD",
"id": "CVE-2019-12636"
},
{
"db": "NVD",
"id": "CVE-2019-12636"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the targeted user. If the user has administrative privileges, the attacker could alter the configuration, execute commands, or cause a denial of service (DoS) condition on an affected device. Cisco 250 Series Smart Switches, etc. are products of the United States Cisco (Cisco). The Cisco 250 Series Smart Switches is a 250 series smart switch. The Cisco 350 Series Managed Switches is a 350 series managed switch. 550X Series Stackable Managed Switches is a 550X Series managed switch. The vulnerability stems from the program\u0027s failure to provide adequate cross-site request forgery protection",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-12636"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"db": "CNVD",
"id": "CNVD-2019-39610"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-12636",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011149",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-39610",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3882",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3882.2",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1107",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39610"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1107"
},
{
"db": "NVD",
"id": "CVE-2019-12636"
}
]
},
"id": "VAR-201910-0374",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39610"
}
],
"trust": 0.9159721999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39610"
}
]
},
"last_update_date": "2024-11-23T22:29:52.351000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20191016-sbss-csrfCVE-2019-12636",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-sbss-csrf"
},
{
"title": "Patch for Cisco 250 Series Smart Switches, 350 Series Managed Switches, and 550X Series Stackable Managed Switches Cross-Site Request Forgery Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/189157"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39610"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"db": "NVD",
"id": "CVE-2019-12636"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191016-sbss-csrf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12636"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12636"
},
{
"trust": 0.6,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191016-sbss-xss"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3882/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3882.2/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39610"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1107"
},
{
"db": "NVD",
"id": "CVE-2019-12636"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-39610"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1107"
},
{
"db": "NVD",
"id": "CVE-2019-12636"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-39610"
},
{
"date": "2019-10-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"date": "2019-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201910-1107"
},
{
"date": "2019-10-16T19:15:10.987000",
"db": "NVD",
"id": "CVE-2019-12636"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-39610"
},
{
"date": "2019-10-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-011149"
},
{
"date": "2020-09-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201910-1107"
},
{
"date": "2024-11-21T04:23:14.233000",
"db": "NVD",
"id": "CVE-2019-12636"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201910-1107"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Small Business Smart and Managed Switch Vulnerable to cross-site request forgery",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011149"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201910-1107"
}
],
"trust": 0.6
}
}
VAR-202008-0830
Vulnerability from variot - Updated: 2024-11-23 22:25A vulnerability in the IPv6 packet processing engine of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the switch management CLI to stop responding, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202008-0830",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sg200-26fp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf350-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-10p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-26p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf300-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-28mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500-52mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-26hp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-50p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf200-24fp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-10mpp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350-10p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350x-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf500-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf350-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg550x-48mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf302-08mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350xg-2f10",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sx550x-24f",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sx550x-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf550x-48mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-28p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-50p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-10mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-10sfp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf500-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-50hp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf500-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350x-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf200-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf550x-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250x-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500x-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf250-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350x-24mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf200-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg550x-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf300-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf350-48mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf300-24pp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500-28",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500-28p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg550x-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-52",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500-52p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf300-48pp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-52mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500x-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-50",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-18",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-10fp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg355-10p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sx550x-12f",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250x-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg550x-24mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350-10mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-50",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf200-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350xg-24t",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-08",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500-52",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350xg-24f",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg550x-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-18",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf300-08",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-10p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250x-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-50fp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf550x-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf302-08",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-10pp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350-28",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-26",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sx550x-16ft",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-26p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf550x-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf500-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf302-08mpp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-08hp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sx550x-24ft",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500x-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-52p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350-28mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350x-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf550x-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf200-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf250-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350-10",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-28pp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350xg-48t",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg550x-24mpp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350x-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf300-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf300-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500-28mpp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-28",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-26",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250x-48p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg250-08",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-08p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-20",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg300-10",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500x-48",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf302-08pp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg500xg-8f8t",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf250-48hp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf302-08p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf550x-24mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg550x-24p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350x-48mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sx550x-52",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf250-24",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg350-28p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sf300-24mp",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5.5.47"
},
{
"model": "sg200-08",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-10fp",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-18",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26fp",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50fp",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50p",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business smart and managed switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-48989"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"db": "NVD",
"id": "CVE-2020-3496"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:sg200-08_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-08p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-10fp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-18_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26fp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-26p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50fp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:sg200-50p_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
}
]
},
"cve": "CVE-2020-3496",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-3496",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-010444",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-48989",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-3496",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-3496",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-010444",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-3496",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2020-3496",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-010444",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-48989",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202008-979",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-48989"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-979"
},
{
"db": "NVD",
"id": "CVE-2020-3496"
},
{
"db": "NVD",
"id": "CVE-2020-3496"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the IPv6 packet processing engine of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the switch management CLI to stop responding, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-3496"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"db": "CNVD",
"id": "CNVD-2020-48989"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-3496",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010444",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-48989",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2859",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "48759",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202008-979",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-48989"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-979"
},
{
"db": "NVD",
"id": "CVE-2020-3496"
}
]
},
"id": "VAR-202008-0830",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-48989"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-48989"
}
]
},
"last_update_date": "2024-11-23T22:25:23.409000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-sbss-ipv6-dos-tsgqbffW",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbss-ipv6-dos-tsgqbffW"
},
{
"title": "Patch for Cisco Small Business Smart and Managed Switches Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/232054"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-48989"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"db": "NVD",
"id": "CVE-2020-3496"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sbss-ipv6-dos-tsgqbffw"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3496"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3496"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/48759"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2859/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-48989"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-979"
},
{
"db": "NVD",
"id": "CVE-2020-3496"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-48989"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-979"
},
{
"db": "NVD",
"id": "CVE-2020-3496"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-48989"
},
{
"date": "2021-01-18T07:48:14",
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"date": "2020-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202008-979"
},
{
"date": "2020-08-26T17:15:14.210000",
"db": "NVD",
"id": "CVE-2020-3496"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-48989"
},
{
"date": "2021-01-18T07:48:14",
"db": "JVNDB",
"id": "JVNDB-2020-010444"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202008-979"
},
{
"date": "2024-11-21T05:31:11.363000",
"db": "NVD",
"id": "CVE-2020-3496"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202008-979"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Small Business Smart and Managed Switch Input verification vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-010444"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202008-979"
}
],
"trust": 0.6
}
}
VAR-201801-0354
Vulnerability from variot - Updated: 2024-11-23 21:53A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of parameters that are passed to the web server of the affected system. An attacker could exploit this vulnerability by convincing a user to follow a malicious link or by intercepting and injecting code into a user request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information. This vulnerability affects the following Cisco Small Business 300 and 500 Series Managed Switches: Cisco Small Business 300 Series Managed Switches, Cisco Small Business 500 Series Stackable Managed Switches, Cisco 350 Series Managed Switches, Cisco 350X Series Stackable Managed Switches, Cisco 550X Series Stackable Managed Switches, Cisco ESW2 Series Advanced Switches. Cisco Bug IDs: CSCvg24637. Vendors have confirmed this vulnerability Bug ID CSCvg24637 It is released as.Information may be obtained and information may be altered. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. are American Cisco ( Cisco ) The company's switch equipment
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-0354",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sg350xg-2f10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf302-08mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg550x-48mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf500-24p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf550x-24p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "esw2-350g-52dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-10sfp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-52p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg500-52p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-10sfp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf500-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "esw2-550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf500-48",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sx550x-24ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf300-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350x-24mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg500-28mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf300-24pp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500-28mpp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg550x-24mpp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "esw2-350g-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-20",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg500x-48p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-10",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg355-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500x-48",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf302-08pp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg355-10p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sx550x-52",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg500-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf300-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350xg-24f",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-28mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf300-48p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg550x-24",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf300-08",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350x-48p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-10p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf302-08mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sx550x-24f",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-10pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sx550x-16ft",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350x-24",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf500-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-10pp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sx550x-16ft",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf500-24",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg500x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf300-24pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500x-24",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg550x-48",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-10mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg500-28",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg500-52p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350-10",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-28pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf300-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350-10",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-28pp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf300-24p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-28",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "esw2-550x-48dc",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf300-24",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sx550x-12f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sx550x-12f",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350-10mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg550x-24mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350xg-24f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-20",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sx550x-52",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf300-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf300-24mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500-52mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350-10p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500-52mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350-10p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sx550x-24",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf550x-48mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf350-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-10mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-28p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf500-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf350-48mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350x-24p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf300-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500-28",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500x-24p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf550x-24",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf300-48",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg500-28p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350xg-24t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf550x-24mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "esw2-550x-48dc",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500xg-8f8t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500xg-8f8t",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf302-08p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350xg-24t",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf300-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg500-52",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf550x-48",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf500-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf350-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sx550x-24f",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sx550x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf500-48p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf350-48",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350xg-2f10",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "esw2-350g-52dc",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf302-08",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350xg-48t",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf302-08mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "esw2-550x-48",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sx550x-24ft",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350-28mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350x-24",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg550x-48p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350-28mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf300-48pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-52",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350xg-48t",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg300-52mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350x-48",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf302-08pp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf300-48pp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg550x-24mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf550x-24mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg550x-24p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg550x-24p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf302-08p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "esw2-350g-52",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350x-48mp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350-28p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf550x-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf350-48p",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf302-08mpp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg350-28p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf302-08",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sf550x-48p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf350-48p",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sf550x-48",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-10mpp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg350-28",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "sg550x-48mp",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.9.4"
},
{
"model": "sg300-10mpp",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4.7.0"
},
{
"model": "350 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "350x series stackable managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "550x series stackable managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "esw2 series expansion switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business 300 series managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business 500 series stackable managed switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "small business 350 series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business 550x series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "esw2 series advanced switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business 500 series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business 350x series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business 300 series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "small business series stackable managed switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "small business series managed switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "esw2 series advanced switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "550x0"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "350x0"
},
{
"model": "series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3500"
}
],
"sources": [
{
"db": "BID",
"id": "102718"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012149"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-634"
},
{
"db": "NVD",
"id": "CVE-2017-12307"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:small_business_350_series_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_350x_series_stackable_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_550x_series_stackable_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:esw2_series_advanced_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_300_series_managed_switches_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:small_business_500_series_stackable_managed_switches_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012149"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nicholas Lim",
"sources": [
{
"db": "BID",
"id": "102718"
}
],
"trust": 0.3
},
"cve": "CVE-2017-12307",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-12307",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-102816",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2017-12307",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2017-12307",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-12307",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-12307",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-634",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-102816",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-102816"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012149"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-634"
},
{
"db": "NVD",
"id": "CVE-2017-12307"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of parameters that are passed to the web server of the affected system. An attacker could exploit this vulnerability by convincing a user to follow a malicious link or by intercepting and injecting code into a user request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information. This vulnerability affects the following Cisco Small Business 300 and 500 Series Managed Switches: Cisco Small Business 300 Series Managed Switches, Cisco Small Business 500 Series Stackable Managed Switches, Cisco 350 Series Managed Switches, Cisco 350X Series Stackable Managed Switches, Cisco 550X Series Stackable Managed Switches, Cisco ESW2 Series Advanced Switches. Cisco Bug IDs: CSCvg24637. Vendors have confirmed this vulnerability Bug ID CSCvg24637 It is released as.Information may be obtained and information may be altered. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. are American Cisco ( Cisco ) The company\u0027s switch equipment",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12307"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012149"
},
{
"db": "BID",
"id": "102718"
},
{
"db": "VULHUB",
"id": "VHN-102816"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12307",
"trust": 2.8
},
{
"db": "BID",
"id": "102718",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012149",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-634",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-102816",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-102816"
},
{
"db": "BID",
"id": "102718"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012149"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-634"
},
{
"db": "NVD",
"id": "CVE-2017-12307"
}
]
},
"id": "VAR-201801-0354",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-102816"
}
],
"trust": 0.43338292999999994
},
"last_update_date": "2024-11-23T21:53:30.895000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20180117-300-500-smb1",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-300-500-smb1"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012149"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-102816"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012149"
},
{
"db": "NVD",
"id": "CVE-2017-12307"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180117-300-500-smb1"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/102718"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12307"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12307"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-102816"
},
{
"db": "BID",
"id": "102718"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012149"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-634"
},
{
"db": "NVD",
"id": "CVE-2017-12307"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-102816"
},
{
"db": "BID",
"id": "102718"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012149"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-634"
},
{
"db": "NVD",
"id": "CVE-2017-12307"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-18T00:00:00",
"db": "VULHUB",
"id": "VHN-102816"
},
{
"date": "2018-01-17T00:00:00",
"db": "BID",
"id": "102718"
},
{
"date": "2018-02-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012149"
},
{
"date": "2018-01-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-634"
},
{
"date": "2018-01-18T06:29:00.207000",
"db": "NVD",
"id": "CVE-2017-12307"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-04T00:00:00",
"db": "VULHUB",
"id": "VHN-102816"
},
{
"date": "2018-01-17T00:00:00",
"db": "BID",
"id": "102718"
},
{
"date": "2018-02-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012149"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-634"
},
{
"date": "2024-11-21T03:09:16.587000",
"db": "NVD",
"id": "CVE-2017-12307"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-634"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Small Business 300 Series and 500 Series managed switch software vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012149"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-634"
}
],
"trust": 0.6
}
}
VAR-202305-1746
Vulnerability from variot - Updated: 2024-08-14 13:20Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. Business 250-16p-2g firmware, Business 250-16t-2g firmware, Business 250-24fp-4g Classic buffer overflow vulnerabilities exist in multiple Cisco Systems products, including firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Cisco Small Business is a switch of Cisco (Cisco)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202305-1746",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "business 350-48p-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-48t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-10fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24t-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48p-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24s-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-20",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24pd",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8fp-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24t-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf352-08mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48ngp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48t-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-50hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24fp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48p-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8t-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24t-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg355-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8p-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500xg-8f8t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16t-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24xt",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48fp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8t-d",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48t-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24pv",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-52pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24fp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-16t-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48pp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-28sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24pp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf352-08p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8t-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-2f10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24mgp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16p-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-12pmv",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8fp-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24p-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-12np-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48p-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48pv",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-8pmd",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-12xs",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-24t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48xt-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-10sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-48hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8s-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-08hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-48hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x24mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-24mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8mgp-2x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48t-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-20",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24fp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-24f",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-18p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8xt",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16p-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8pp-d",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24xs",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-8mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550xg-8f8t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16xts",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48fp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf355-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8pp-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550xg-48t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24p-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-08hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16fp-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16t-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24xts",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24t-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf352-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg355-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-16p-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-26hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550xg-24t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500xg8f8t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24p-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48t-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-50hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-8pd",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-12xt",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8fp-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24ngp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24fp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8p-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8mp-2x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24p-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8p-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550xg-24f",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24p-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8fp-e-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-16p-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8p-e-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48pp-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24fp-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8pp-d",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24pp-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24t-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-16t-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48p-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8t-e-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24fp-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48t-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24p-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24t-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48t-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8t-d",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48p-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8pp-e-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "series smart switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "250\u003c=2.5.9.15"
},
{
"model": "series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "350\u003c=2.5.9.15"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "350x\u003c=2.5.9.15"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "550x\u003c=2.5.9.15"
},
{
"model": "business series smart switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "250\u003c=3.3.0.15"
},
{
"model": "business series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "350\u003c=3.3.0.15"
},
{
"model": "small business series smart switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "200\u003c=2.5.9.15"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "300\u003c=2.5.9.15"
},
{
"model": "small business series stackable managed switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "500\u003c=2.5.9.15"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"db": "NVD",
"id": "CVE-2023-20161"
}
]
},
"cve": "CVE-2023-20161",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2023-40906",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2023-20161",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2023-20161",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-20161",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-20161",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2023-20161",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-20161",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2023-40906",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202305-1733",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1733"
},
{
"db": "NVD",
"id": "CVE-2023-20161"
},
{
"db": "NVD",
"id": "CVE-2023-20161"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. Business 250-16p-2g firmware, Business 250-16t-2g firmware, Business 250-24fp-4g Classic buffer overflow vulnerabilities exist in multiple Cisco Systems products, including firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Cisco Small Business is a switch of Cisco (Cisco)",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-20161"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"db": "VULMON",
"id": "CVE-2023-20161"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-20161",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011167",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-40906",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.2892",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1733",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-20161",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"db": "VULMON",
"id": "CVE-2023-20161"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1733"
},
{
"db": "NVD",
"id": "CVE-2023-20161"
}
]
},
"id": "VAR-202305-1746",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-40906"
}
],
"trust": 1.0270171866666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-40906"
}
]
},
"last_update_date": "2024-08-14T13:20:44.036000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-sg-web-multi-S9g4Nkgv",
"trust": 0.8,
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg-web-multi-S9g4Nkgv"
},
{
"title": "Patch for Cisco Small Business Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/429251"
},
{
"title": "Cisco Small Business Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=239229"
},
{
"title": "Cisco: Cisco Small Business Series Switches Buffer Overflow Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-sg-web-multi-S9g4Nkgv"
},
{
"title": null,
"trust": 0.1,
"url": "https://www.theregister.co.uk/2023/05/18/cisco_patches_small_biz_switches/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"db": "VULMON",
"id": "CVE-2023-20161"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1733"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"db": "NVD",
"id": "CVE-2023-20161"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sg-web-multi-s9g4nkgv"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20161"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-20161/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.2892"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.theregister.co.uk/2023/05/18/cisco_patches_small_biz_switches/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"db": "VULMON",
"id": "CVE-2023-20161"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1733"
},
{
"db": "NVD",
"id": "CVE-2023-20161"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"db": "VULMON",
"id": "CVE-2023-20161"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1733"
},
{
"db": "NVD",
"id": "CVE-2023-20161"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"date": "2023-05-18T00:00:00",
"db": "VULMON",
"id": "CVE-2023-20161"
},
{
"date": "2023-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"date": "2023-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202305-1733"
},
{
"date": "2023-05-18T03:15:10.337000",
"db": "NVD",
"id": "CVE-2023-20161"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-40906"
},
{
"date": "2023-05-18T00:00:00",
"db": "VULMON",
"id": "CVE-2023-20161"
},
{
"date": "2023-12-12T07:25:00",
"db": "JVNDB",
"id": "JVNDB-2023-011167"
},
{
"date": "2023-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202305-1733"
},
{
"date": "2023-11-07T04:06:19.453000",
"db": "NVD",
"id": "CVE-2023-20161"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202305-1733"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic Buffer Overflow Vulnerability in Multiple Cisco Systems Products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-011167"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202305-1733"
}
],
"trust": 0.6
}
}
VAR-202305-1743
Vulnerability from variot - Updated: 2024-08-14 13:20Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. Business 250-16p-2g firmware, Business 250-16t-2g firmware, Business 250-24fp-4g Classic buffer overflow vulnerabilities exist in multiple Cisco Systems products, including firmware.Service operation interruption (DoS) It may be in a state. Cisco Small Business Series Switches are switch products of the American company Cisco.
Cisco Small Business Series Switches have a heap buffer overflow vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202305-1743",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "business 350-48p-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-48t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-10fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24t-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48p-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24s-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-20",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24pd",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8fp-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24t-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf352-08mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48ngp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48t-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-50hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24fp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48p-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8t-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24t-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg355-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8p-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500xg-8f8t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16t-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24xt",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48fp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8t-d",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48t-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-50p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24pv",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-52pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24fp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-16t-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48pp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-28sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24pp-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf352-08p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8t-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-2f10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24mgp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16p-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-12pmv",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8fp-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24p-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-12np-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48p-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48pv",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-8pmd",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-12xs",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-24t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48xt-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-10sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-48hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8s-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-08hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-48hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x24mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-24mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8mgp-2x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48t-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-20",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24fp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350xg-24f",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-18p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8xt",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16p-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8pp-d",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24xs",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-8mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-08p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550xg-8f8t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16xts",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-48fp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf355-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8pp-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550xg-48t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24p-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-08hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16fp-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf550x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-16t-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24xts",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24t-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf352-08",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg355-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-10p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-16p-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg350-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-26hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550xg-24t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg300-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-50fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500xg8f8t",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200e-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24p-4g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-18",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg200-26fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-24pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-48t-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-50hp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-8pd",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-12xt",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-24fp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf300-48pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8fp-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf302-08pp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf200-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24ngp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf350-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24fp-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-8p-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-26p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8mp-2x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf250-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-24p-4x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg250-50",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 350-8p-e-2g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg550xg-24f",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business 250-24p-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8fp-e-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-16p-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8p-e-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48pp-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24fp-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8pp-d",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24pp-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24t-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-16t-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48p-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8t-e-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24fp-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48t-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24p-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-24t-4g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48t-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8t-d",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-48p-4x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "business 250-8pp-e-2g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "small business series switches",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"db": "NVD",
"id": "CVE-2023-20024"
}
]
},
"cve": "CVE-2023-20024",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2023-85954",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2023-20024",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2023-20024",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2023-20024",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-20024",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2023-20024",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-20024",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2023-85954",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202305-1727",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1727"
},
{
"db": "NVD",
"id": "CVE-2023-20024"
},
{
"db": "NVD",
"id": "CVE-2023-20024"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. Business 250-16p-2g firmware, Business 250-16t-2g firmware, Business 250-24fp-4g Classic buffer overflow vulnerabilities exist in multiple Cisco Systems products, including firmware.Service operation interruption (DoS) It may be in a state. Cisco Small Business Series Switches are switch products of the American company Cisco. \n\r\n\r\nCisco Small Business Series Switches have a heap buffer overflow vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-20024"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"db": "VULMON",
"id": "CVE-2023-20024"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-20024",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011047",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-85954",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.2892",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1727",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-20024",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"db": "VULMON",
"id": "CVE-2023-20024"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1727"
},
{
"db": "NVD",
"id": "CVE-2023-20024"
}
]
},
"id": "VAR-202305-1743",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-85954"
}
],
"trust": 1.4
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-85954"
}
]
},
"last_update_date": "2024-08-14T13:20:43.965000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-sg-web-multi-S9g4Nkgv",
"trust": 0.8,
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg-web-multi-S9g4Nkgv"
},
{
"title": "Patch for Heap Buffer Overflow Vulnerability in Cisco Small Business Series Switches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/478341"
},
{
"title": "Cisco Small Business Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=239223"
},
{
"title": "Cisco: Cisco Small Business Series Switches Buffer Overflow Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-sg-web-multi-S9g4Nkgv"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"db": "VULMON",
"id": "CVE-2023-20024"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1727"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"db": "NVD",
"id": "CVE-2023-20024"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sg-web-multi-s9g4nkgv"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20024"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.2892"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-20024/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"db": "VULMON",
"id": "CVE-2023-20024"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1727"
},
{
"db": "NVD",
"id": "CVE-2023-20024"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"db": "VULMON",
"id": "CVE-2023-20024"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"db": "CNNVD",
"id": "CNNVD-202305-1727"
},
{
"db": "NVD",
"id": "CVE-2023-20024"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"date": "2023-05-18T00:00:00",
"db": "VULMON",
"id": "CVE-2023-20024"
},
{
"date": "2023-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"date": "2023-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202305-1727"
},
{
"date": "2023-05-18T03:15:09.590000",
"db": "NVD",
"id": "CVE-2023-20024"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-85954"
},
{
"date": "2023-05-18T00:00:00",
"db": "VULMON",
"id": "CVE-2023-20024"
},
{
"date": "2023-12-12T05:23:00",
"db": "JVNDB",
"id": "JVNDB-2023-011047"
},
{
"date": "2023-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202305-1727"
},
{
"date": "2023-11-07T04:05:46.733000",
"db": "NVD",
"id": "CVE-2023-20024"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202305-1727"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic Buffer Overflow Vulnerability in Multiple Cisco Systems Products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-011047"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202305-1727"
}
],
"trust": 0.6
}
}