Cisco Small Business 300 Series Managed Switches vulnerabilities

CVE-2020-3147 [HIGH] CWE-20 CVE-2020-3147: A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remot A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this vulnerability by sending a malicious request to the web int

CVE-2019-1943 [MEDIUM] CWE-601 CVE-2019-1943: A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches softw A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a us

CVE-2019-1892 [HIGH] CWE-119 CVE-2019-1892: A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200 A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a memory corruption on an affected device. The vulnerability is due to improper validation of HTTPS packets. An attacker could exploit this vulnerability by se

CVE-2019-1891 [HIGH] CWE-20 CVE-2019-1891: A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Managed Switch A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this vulnerability by se

CVE-2019-1814 [HIGH] CWE-400 CVE-2019-1814: A vulnerability in the interactions between the DHCP and TFTP features for Cisco Small Business 300 A vulnerability in the interactions between the DHCP and TFTP features for Cisco Small Business 300 Series (Sx300) Managed Switches could allow an unauthenticated, remote attacker to cause the device to become low on system memory, which in turn could lead to an unexpected reload of the device and result in a denial of service (DoS) condition on an affec

CVE-2018-15439 [CRITICAL] CWE-798 CVE-2018-15439: A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a privileged user account without notifying administrators of the system. An at

CVE-2018-0465 [MEDIUM] CWE-79 CVE-2018-0465: A vulnerability in the web-based management interface of Cisco Small Business 300 Series Managed Swi A vulnerability in the web-based management interface of Cisco Small Business 300 Series Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected system. The vulnerability exists because the affected management interface performs insufficient validatio