An attacker could exploit this vulnerability by sending a crafted request through the web-based user interface. This vulnerability is due to improper validation of requests that are sent to the web interface. There are no workarounds that address this vulnerability.ĬVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HĬVE-2023-20160: Cisco Small Business Series Switches Unauthenticated BSS Buffer Overflow VulnerabilityĬVE-2023-20161: Cisco Small Business Series Switches Unauthenticated Stack Buffer Overflow VulnerabilityĬVE-2023-20189: Cisco Small Business Series Switches Unauthenticated Stack Buffer Overflow VulnerabilityĬVE-2023-20024: Cisco Small Business Series Switches Unauthenticated Heap Buffer Overflow VulnerabilityĪ vulnerability in the web-based user interface of Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. A successful exploit could allow the attacker to execute arbitrary code with root privileges on an affected device.Ĭisco has released software updates that address this vulnerability. In addition, a software release that is affected by one of the vulnerabilities may not be affected by the other vulnerabilities.ĭetails about the vulnerabilities are as follows:ĬVE-2023-20159: Cisco Small Business Series Switches Stack Buffer Overflow VulnerabilityĪ vulnerability in the web-based user interface of Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. Exploitation of one of the vulnerabilities is not required to exploit another vulnerability. The vulnerabilities are not dependent on one another.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |