Cisco Small Business Smart And Managed Switches vulnerabilities
13 known vulnerabilities affecting cisco/cisco_small_business_smart_and_managed_switches.
Total CVEs
13
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL8HIGH3MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-20263HIGHCVSS 7.2v2.0.0.73v2.1.0.63+32 more2024-01-26
CVE-2024-20263 [MEDIUM] CWE-284 CVE-2024-20263: A vulnerability with the access control list (ACL) management within a stacked switch configuration
A vulnerability with the access control list (ACL) management within a stacked switch configuration of Cisco Business 250 Series Smart Switches and Business 350 Series Managed Switches could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. This vulnerability is due to incorrect processi
cvelistv5nvd
CVE-2023-20188MEDIUMCVSS 4.8v1.0.0.16v1.0.0.19+35 more2023-06-28
CVE-2023-20188 [MEDIUM] CWE-87 CVE-2023-20188: A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switc
A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed Switches could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on
cvelistv5nvd
CVE-2023-20158CRITICALCVSS 9.8vn/a2023-05-18
CVE-2023-20158 [HIGH] CWE-120 CVE-2023-20158: Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Swit
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the
cvelistv5nvd
CVE-2023-20162CRITICALCVSS 9.8vn/a2023-05-18
CVE-2023-20162 [HIGH] CWE-120 CVE-2023-20162: Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Swit
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the
cvelistv5nvd
CVE-2023-20160CRITICALCVSS 9.8vn/a2023-05-18
CVE-2023-20160 [HIGH] CWE-120 CVE-2023-20160: Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Swit
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the
cvelistv5nvd
CVE-2023-20157CRITICALCVSS 9.8vn/a2023-05-18
CVE-2023-20157 [HIGH] CWE-120 CVE-2023-20157: Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Swit
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the
cvelistv5nvd
CVE-2023-20161CRITICALCVSS 9.8vn/a2023-05-18
CVE-2023-20161 [HIGH] CWE-120 CVE-2023-20161: Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Swit
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the
cvelistv5nvd
CVE-2023-20189CRITICALCVSS 9.8vn/a2023-05-18
CVE-2023-20189 [HIGH] CWE-120 CVE-2023-20189: Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Swit
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the
cvelistv5nvd
CVE-2023-20159CRITICALCVSS 9.8vn/a2023-05-18
CVE-2023-20159 [HIGH] CWE-120 CVE-2023-20159: Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Swit
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the
cvelistv5nvd
CVE-2023-20156CRITICALCVSS 9.8vn/a2023-05-18
CVE-2023-20156 [HIGH] CWE-120 CVE-2023-20156: Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Swit
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the
cvelistv5nvd
CVE-2023-20024HIGHCVSS 7.5vn/a2023-05-18
CVE-2023-20024 [HIGH] CWE-120 CVE-2023-20024: Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Swit
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the
cvelistv5nvd
CVE-2021-34739HIGHCVSS 8.1vn/a2021-11-04
CVE-2021-34739 [HIGH] CWE-613 CVE-2021-34739: A vulnerability in the web-based management interface of multiple Cisco Small Business Series Switch
A vulnerability in the web-based management interface of multiple Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to replay valid user session credentials and gain unauthorized access to the web-based management interface of an affected device. This vulnerability is due to insufficient expiration of session credent
cvelistv5nvd
CVE-2021-40127MEDIUMCVSS 5.3vn/a2021-11-04
CVE-2021-40127 [MEDIUM] CWE-20 CVE-2021-40127: A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switc
A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed Switches could allow an unauthenticated, remote attacker to render the web-based management interface unusable, resulting in a denial of servic
cvelistv5nvd