CVE-2019-1806

CWE-20Improper Input ValidationCWE-770Allocation without Limits5 documents5 sources
Severity
7.7HIGH
EPSS
0.3%
top 44.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
106
Cisco Cisco 550x Series Stackable Managed SwitchesCisco Esw2-350g52dc FirmwareCisco Esw2-550x48dc Firmware+103 more
Timeline
PublishedMay 15
Latest updateMay 24

Description

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Small Business Sx200, Sx300, Sx500, ESW2 Series Managed Switches and Small Business Sx250, Sx350, Sx550 Series Switches could allow an authenticated, remote attacker to cause the SNMP application of an affected device to cease processing traffic, resulting in the CPU utilization reaching one hundred percent. Manual intervention may be required before a device resumes normal operations. The vulnerabil

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 3.1 | Impact: 4.0

Affected Packages106 packages

CVEListV5cisco/cisco_550x_series_stackable_managed_switchesunspecified1.4.10.6+1
NVDcisco/sx550x-24_firmware< 2.5.0.78
NVDcisco/sx550x-52_firmware< 2.5.0.78

🔴Vulnerability Details

2
GHSA
GHSA-cp5x-9q38-h2hj: A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Small Business Sx200, Sx300, Sx500, ESW2 Series Manag2022-05-24
CVEList
Cisco Small Business Series Switches Simple Network Management Protocol Denial of Service Vulnerability2019-05-15

📋Vendor Advisories

1
Cisco
Cisco Small Business Series Switches Simple Network Management Protocol Denial of Service Vulnerability2019-05-15
CVE-2019-1806 (HIGH CVSS 7.7) | A vulnerability in the Simple Netwo | cvebase.io