2 matches found
CVE-2020-3297
CVE-2020-3297 affects Cisco Small Business Smart and Managed Switches. The root cause is weak entropy in session identifiers used by the web-based management interface, enabling an unauthenticated remote attacker to brute-force a current session ID and hijack a session with privileges up to admin...
Cisco Warns of High-Severity Bug in Small Business Switch Lineup
Cisco Systems is warning of a high-severity flaw affecting more than a half-dozen of its small business switches. The flaw could allow remote, unauthenticated attackers to access the switches’ management interfaces with administrative privileges. Specifically affected are Series Smart Switches,...