Lucene search

[email protected]CVE-2019-1891

HistoryJul 06, 2019 - 2:15 a.m.

CVE-2019-1891

2019-07-0602:15:00

CWE-20

[email protected]

web.nvd.nist.gov

366

cve-2019-1891

cisco

small business

switches

web interface

vulnerability

dos

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

52.3%

JSON

A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this vulnerability by sending a malicious request to the web interface of an affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.

CPENameOperatorVersion
cisco:sf200-24_firmwarecisco sf200-24 firmwarelt1.4.10.6
cisco:sf200-24p_firmwarecisco sf200-24p firmwarelt1.4.10.6
cisco:sf200-48_firmwarecisco sf200-48 firmwarelt1.4.10.6
cisco:sf200-48p_firmwarecisco sf200-48p firmwarelt1.4.10.6
cisco:sg200-18_firmwarecisco sg200-18 firmwarelt1.4.10.6
cisco:sg200-26_firmwarecisco sg200-26 firmwarelt1.4.10.6
cisco:sg200-26p_firmwarecisco sg200-26p firmwarelt1.4.10.6
cisco:sg200-50_firmwarecisco sg200-50 firmwarelt1.4.10.6
cisco:sg200-50p_firmwarecisco sg200-50p firmwarelt1.4.10.6
cisco:sg300-10_firmwarecisco sg300-10 firmwarelt1.4.10.6

CPE	Name	Operator	Version
cisco:sf200-24_firmware	cisco sf200-24 firmware	lt	1.4.10.6
cisco:sf200-24p_firmware	cisco sf200-24p firmware	lt	1.4.10.6
cisco:sf200-48_firmware	cisco sf200-48 firmware	lt	1.4.10.6
cisco:sf200-48p_firmware	cisco sf200-48p firmware	lt	1.4.10.6
cisco:sg200-18_firmware	cisco sg200-18 firmware	lt	1.4.10.6
cisco:sg200-26_firmware	cisco sg200-26 firmware	lt	1.4.10.6
cisco:sg200-26p_firmware	cisco sg200-26p firmware	lt	1.4.10.6
cisco:sg200-50_firmware	cisco sg200-50 firmware	lt	1.4.10.6
cisco:sg200-50p_firmware	cisco sg200-50p firmware	lt	1.4.10.6
cisco:sg300-10_firmware	cisco sg300-10 firmware	lt	1.4.10.6

Rows per page:

1-10 of 571

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-sbss-dos

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

52.3%

JSON

Related for CVE-2019-1891

prion1 cisco1 cvelist1