Lucene search

K

Cisco Small Business Series Switches Buffer Overflow Vulnerabilities (cisco-sa-sg-web-multi-S9g4Nkgv)

Cisco Small Business Series Switches Buffer Overflow Vulnerabilitie

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
Cisco
Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
17 May 202316:00
cisco
The Hacker News
Critical Flaws in Cisco Small Business Switches Could Allow Remote Attacks
18 May 202305:18
thn
Malwarebytes
Update now: 9 vulnerabilities impact Cisco Small Business Series
22 May 202302:00
malwarebytes
Prion
Input validation
18 May 202303:15
prion
Prion
Input validation
18 May 202303:15
prion
Prion
Input validation
18 May 202303:15
prion
Prion
Input validation
18 May 202303:15
prion
Prion
Input validation
18 May 202303:15
prion
Prion
Input validation
18 May 202303:15
prion
Prion
Input validation
18 May 202303:15
prion
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(176111);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/05/22");

  script_cve_id(
    "CVE-2023-20024",
    "CVE-2023-20156",
    "CVE-2023-20157",
    "CVE-2023-20158",
    "CVE-2023-20159",
    "CVE-2023-20160",
    "CVE-2023-20161",
    "CVE-2023-20162",
    "CVE-2023-20189"
  );
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe27386");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe27393");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe27394");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe27403");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe27424");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe27425");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe27441");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe27444");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe27445");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe32312");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe32313");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe32315");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe32318");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe32321");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe32323");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe32326");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe32334");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwe32338");
  script_xref(name:"CISCO-SA", value:"cisco-sa-sg-web-multi-S9g4Nkgv");
  script_xref(name:"IAVA", value:"2023-A-0262");

  script_name(english:"Cisco Small Business Series Switches Buffer Overflow Vulnerabilities (cisco-sa-sg-web-multi-S9g4Nkgv)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow
an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root
privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to
the web interface.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg-web-multi-S9g4Nkgv
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?618cd4e4");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe27386");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe27393");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe27394");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe27403");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe27424");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe27425");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe27441");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe27444");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe27445");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe32312");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe32313");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe32315");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe32318");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe32321");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe32323");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe32326");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe32334");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe32338");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCwe27386, CSCwe27393, CSCwe27394, CSCwe27403,
CSCwe27424, CSCwe27425, CSCwe27441, CSCwe27444, CSCwe27445, CSCwe32312, CSCwe32313, CSCwe32315, CSCwe32318, CSCwe32321,
CSCwe32323, CSCwe32326, CSCwe32334, CSCwe32338");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-20189");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/05/17");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/05/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/05/19");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:cisco:small_business_series_switch");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/h:cisco:small_business_series_switch");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("cisco_small_business_switch_detect.nbin");
  script_require_keys("Cisco/Small_Business_Router/Version", "Cisco/Small_Business_Router/Model");

  exit(0);
}

include('vcf.inc');
include('http.inc');

var port = get_http_port(default:443);
var app_info = vcf::get_app_info(app:'Cisco Small Business Series Switch', port:port, webapp:TRUE);

# 250 Series Smart Switches
# 350 Series Managed Switches
# 350X Series Stackable Managed Switches
# 550X Series Stackable Managed Switches
if (app_info['model'] !~ "^CBS(2|3)50")
  audit(AUDIT_HOST_NOT, 'an affected Cisco Small Business Series switch');

var constraints = [ {'min_version':'0.0', 'fixed_version' : '3.3.0.16'} ];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo