CiscoCVELIST:CVE-2023-20156CVE-2023-20156 Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
9.9 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
58.5%
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.
CNA Affected
[
{
"vendor": "Cisco",
"product": "Cisco Small Business Smart and Managed Switches ",
"versions": [
{
"version": "n/a",
"status": "affected"
}
]
}
]Related
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
9.9 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
58.5%