All the vulnerabilites related to cisco - sg300-sfp_firmware
Vulnerability from fkie_nvd
Published
2021-11-04 16:15
Modified
2024-11-21 06:23
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed Switches could allow an unauthenticated, remote attacker to render the web-based management interface unusable, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause a permanent invalid redirect for requests sent to the web-based management interface of the device, resulting in a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf200-24_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE54B823-D772-49CF-9BA4-D8056C31A915",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf200-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1866B4D0-0FF2-4C79-A07B-4FAE5586F7E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf200-24fp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC963AF6-F648-4A5B-84C6-1D5823222527",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf200-24fp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D8A349B-73D2-4010-90C2-B153B3245487",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf200-24p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "471C22F3-B110-46E4-BA52-8FDA4412EA0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf200-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A8518B-EE72-4CEA-B2A8-9F17898F4476",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf200-48_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47341322-B516-4957-8CC0-5F34D8983937",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf200-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F27801-DCF0-4843-90F8-2A1694BB29E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf200-48p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB592B62-F1DE-4BF5-A975-345483C37949",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf200-48p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B12AEA51-CF3B-44CC-9943-E370A29EFDC9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf200e-24_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5351275-B6BB-4C0B-B6BE-04AD6B87DC89",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf200e-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BE5BB77-2B41-48BF-BEA7-F1DF1342D0B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf200e-24p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22A38A8A-081E-4471-8A13-0AF6AB7339C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf200e-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDB01A53-2BC6-4F93-B873-1C9E2B67EAB7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf200e-48_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C879A7D2-34FC-4BF0-8845-CA358BED3B88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf200e-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB459E5-A7B1-4C99-9E08-0EAFD8690F84",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf200e-48p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B28A1C-B891-4D1B-A91C-7DC88846F726",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf200e-48p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C31245AB-ECAD-431D-90C5-C33D3F78B09B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-08_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF3A3B-93C1-4DD6-AFEC-60B3E7FFB114",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-08:-:*:*:*:*:*:*:*",
"matchCriteriaId": "335CA93E-604D-4060-9D24-E4E9D7740A3E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-08p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE4DDC3-43B2-4487-90FE-A3529D3A5AA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-08p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB844823-174D-487B-A211-E650D638A010",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-10fp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5A806E-4E9F-45D2-936F-F9416342FBA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-10fp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D173967C-5FF3-49DE-863B-26F7DF8B5F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-18_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE91F6B0-635D-48B3-BBB2-C9A6AC367815",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-18:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD5CDA0-F982-492B-B631-6B0958F82A7F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-26_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1196E58A-FF08-4086-8B89-42DF19A3E2B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F2F454F-9084-4AD8-8F81-45A4AFAF63B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-26fp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9702EE3-E077-4F70-AD90-EFD168BFCCBF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-26fp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0ACAD62-EA73-494C-8244-541642C3E397",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-26p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0419BDEB-DADB-4D0E-A747-6EEFF9D3A26B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-26p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A30A529-9796-4D10-AE55-698930E95CD9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-50_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1F4AF2-7330-4535-900E-B4A2A6B76A8F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0219D69-91AE-4558-BF12-93BB82D74A48",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-50fp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48A444FC-D2A5-4847-B616-F5E729F10C75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-50fp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64E81B93-C7DB-4CC7-9FEA-914C853411B2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-50p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03699C15-D612-4CEC-923C-7E69CC6F6C79",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-50p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82842273-F24B-4210-8E07-5F7253018FC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf300-08_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "E21B324D-F948-4373-A9FB-F07F56473774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf300-08:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C96B794-16D3-46FE-8A2B-262BD38994E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf300-24_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "EC313EB0-C812-4B77-B6EB-6E5D106CA1DB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf300-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C324F7E3-2088-452F-B049-519A9D25C9B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf300-24mp_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "61C7AA57-56B9-4C39-98FC-A9C72F9B2C60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf300-24mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4882366A-9450-47BE-BE70-CC3A9D2F5275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf300-24p_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "EB1E7DA8-4181-47C8-B86E-72DEA912DD15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf300-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71D909B9-5B11-401E-8484-D6CD39D64142",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf300-24pp_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "E942E2D0-C4AF-47C4-A9E6-3F26D66F9D1E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf300-24pp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E7B70CB-9D7A-4637-8A51-634157F7AC85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf300-48_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F50236-E49B-4BE1-BC96-E3EB3997541B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf300-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "765DECDB-4234-4444-B78F-01C1DCBAD8FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf300-48p_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC94589-59F0-451D-AE0B-1A2610EC9F8D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf300-48p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5307DEF-DCD1-417A-B649-FF4DCE66193E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf300-48pp_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "A6451DB3-575F-4E48-9839-083F00C35B61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf300-48pp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5248F85-411D-4ED9-983C-A28A90C8FC70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf302-08_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB83A46-C1E5-4CF9-9615-41F3C315FC02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf302-08:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04042998-72B6-4215-9264-CC563E51D9CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf302-08mp_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "735E92BB-E4D9-46B5-B9A3-A685934F456F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf302-08mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8124725E-8340-43BC-BEBB-BC39E3AE7368",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf302-08mpp_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "17426691-ADB9-429C-8B37-A479C630B95A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf302-08mpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19890DBE-F1B9-4454-8738-AC2AC6704C75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf302-08p_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5D6C94-CF45-4252-9F26-C41E5030F001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf302-08p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9C97D56-2E3C-4F36-89E2-BC169AED3CC2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf302-08pp_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5C95827B-4219-4EB8-B54C-21C9E852F234",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf302-08pp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFEF3C3-0C7C-4359-A45F-00152ACAB545",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-10_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "531206F5-A601-4A31-A3F3-0CBF4AF3B329",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78B44981-5C59-4328-A7DB-FBF50F9C92C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-10mp_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "58F68741-2F9B-4438-8B6E-2E76E42032F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-10mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95F6D7AC-2ACB-4693-AB8E-C700B99C5BF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-10mpp_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "11835FD0-2107-4FBE-8027-FBA60817E624",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-10mpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAD7CDE3-7247-4EA9-8A72-7ABC961BD895",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-10p_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D34720E3-5EE5-4C3F-98C1-B288CAF4C114",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-10p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9054C3D1-BA1A-4BAC-8834-88673B804E4E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-10pp_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "11F581CD-52CF-495B-A1B9-346D47C7F7D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-10pp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F1772C3-48DB-4BEF-9F12-CDCC3BBFA0E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-sfp_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "931F3413-96F3-41DC-81FA-00B7047AA100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-sfp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F700BC4-035F-4509-B882-AFFEBA0B178A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-20_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AF68BBFD-A14A-48DB-89F3-50F90D308D97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50A677CE-4360-4780-ABF9-466C45CB19E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-28_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "A100F872-E7F4-4188-AB44-594F9612F478",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-28:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E74DB8D8-B79B-4DAE-BF88-98C1F518E76D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-28mp_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "BE30BE52-B04C-467D-9A5E-8F71B4C2F3CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-28mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB2B761-E591-42B6-B62F-63A6D41F4FAC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-28p_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "6FAB4ACB-70C8-4BD2-9E1A-D5DCE06B3FBA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-28p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D5109D-C78B-4362-B000-0AA073FCC843",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-28pp_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "261CC970-0D09-4E85-A063-A68CE026B593",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-28pp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6F6741-AA56-47EA-998C-78FD7F6B01CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-28sfp_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "E5EDC0B7-F004-4841-B848-E653E4FF044B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-28sfp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD69957-B714-406D-9775-92A7D993BAC6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-52_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "797B03EC-8CE9-41C9-B77A-975A7664CC9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26EE1D-763F-4893-9997-F4C1CE7A1089",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-52mp_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "ADEFD297-FDDC-4677-B52E-7FACA67FA71D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-52mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C3B5A2-CAE6-4E75-A1A3-4FCB1C62A7A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-52p_firmware:1.4.11.02:*:*:*:*:*:*:*",
"matchCriteriaId": "ED0F2E5D-7A5A-4205-8F88-1DC6F593E713",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-52p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E9DF9C4-9D06-4449-8AF0-8322C6B77F6A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf500-24_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6E4A156-2BF5-4F65-916C-E94AD6F899A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf500-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C0F8958-8059-411B-86C8-40B1073C80C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf500-24mp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85E985C1-0BBE-4128-B110-7CBFF141D020",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf500-24mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8723C660-F052-4C9B-ADD1-8484C7209701",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf500-24p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ACD1A2A-9CCE-4A92-AC7B-9921172F1BC1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf500-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "218D6018-551C-46B8-AE27-F88E6052F37B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf500-48_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6A1075B-47F6-4361-9FAC-4FCE932ED61D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf500-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB8DE78-E398-458B-98EF-EEEB6E219BAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf500-48mp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF942EB-8373-4202-BC95-AC82C0565A6B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf500-48mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6E049B2-C818-4929-8DDA-3B38BF8C7B3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf500-48p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4EE51C-F69E-412E-BE53-00B377564D01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf500-48p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E443C685-F000-4F89-ADEA-7084138018D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500-28_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48E2C7ED-765A-442D-8FC6-5D769AD05251",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500-28:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0779C5EE-C145-4C28-8F60-EE692409102D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500-28mpp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E1FAC9E-45D1-4CB9-9BB2-389427199D52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500-28mpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6035EA-0F55-4C76-9E2F-DD4938576D1A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500-28p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1431252-1FAE-4492-A7C4-69D47BBEB228",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500-28p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF4D4AD6-C5FD-40D8-B002-2B784EC88B89",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500-52_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67BE410C-FF81-4D5D-8C81-15A4C0E02E4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500-52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40273E59-7C60-4094-B9FC-A633A2F23E61",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500-52mp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91A93E7F-A05D-4617-9BB9-6962CDB08AE3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500-52mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36E534B2-12EA-489B-A939-4F1965B5EC66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500-52p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41E2FD03-6870-466F-9389-6D044BAC5DA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500-52p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14A201E5-0603-4C96-8F4B-87934B7B99D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500x-24_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA293370-953C-42ED-BF25-4C439A8D986A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500x-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1A9D4D4-EF09-4862-B62A-94913AEFA2BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500x-24mpp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4C1696B-C2EC-4D3A-9E6F-C59485C4DF7E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500x-24mpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1280ABD-C15B-42BF-AF72-B54C3BCBAF83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500x-24p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F89D89-F7E9-4BC2-9A5F-3689930DAEF6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500x-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0093FE2A-3D4C-4435-AE35-D213C9700771",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500x-48_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B7BB55-2872-411F-8E0B-EED8746FA013",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500x-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B84D71EE-64CC-4966-98D1-C0697816120A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500x-48mpp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6F067F1-7F5F-4887-8B6F-BE8F35C4B8CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500x-48mpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "626915FA-9BBA-4488-944A-8B4AB12F875C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500x-48p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E70A5C52-9C3B-4FA8-9208-FF19200BD3F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500x-48p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E99C3C2-0B98-4108-8102-80132BF47A32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500xg-8f8t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F73C16B-814C-447E-84C2-893B9ED90693",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500xg-8f8t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8FE0E3E-5AB4-4BBA-A787-072799BF3EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed Switches could allow an unauthenticated, remote attacker to render the web-based management interface unusable, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause a permanent invalid redirect for requests sent to the web-based management interface of the device, resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en la web de los switches inteligentes Cisco Small Business 200 Series, los switches gestionados Cisco Small Business 300 Series y los switches gestionados apilables Cisco Small Business 500 Series podr\u00eda permitir a un atacante remoto no autenticado inutilizar la interfaz de administraci\u00f3n basada en la web, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido a que no son comprobados correctamente las peticiones HTTP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n HTTP dise\u00f1ada a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una redirecci\u00f3n no v\u00e1lida permanente para las peticiones enviadas a la interfaz de administraci\u00f3n basada en la web del dispositivo, resultando en una condici\u00f3n de DoS"
}
],
"id": "CVE-2021-40127",
"lastModified": "2024-11-21T06:23:38.027",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-04T16:15:09.643",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-switches-web-dos-xMyFFkt8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-switches-web-dos-xMyFFkt8"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2021-40127
Vulnerability from cvelistv5
Published
2021-11-04 15:30
Modified
2024-11-07 21:45
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed Switches could allow an unauthenticated, remote attacker to render the web-based management interface unusable, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause a permanent invalid redirect for requests sent to the web-based management interface of the device, resulting in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-switches-web-dos-xMyFFkt8 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Small Business Smart and Managed Switches |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211103 Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Interface Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-switches-web-dos-xMyFFkt8"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-40127",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:44:20.432997Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:45:08.555Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Small Business Smart and Managed Switches",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed Switches could allow an unauthenticated, remote attacker to render the web-based management interface unusable, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause a permanent invalid redirect for requests sent to the web-based management interface of the device, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-04T15:30:11",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211103 Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Interface Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-switches-web-dos-xMyFFkt8"
}
],
"source": {
"advisory": "cisco-sa-smb-switches-web-dos-xMyFFkt8",
"defect": [
[
"CSCvz62174"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Interface Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-11-03T16:00:00",
"ID": "CVE-2021-40127",
"STATE": "PUBLIC",
"TITLE": "Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Interface Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Small Business Smart and Managed Switches",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed Switches could allow an unauthenticated, remote attacker to render the web-based management interface unusable, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause a permanent invalid redirect for requests sent to the web-based management interface of the device, resulting in a DoS condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211103 Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Interface Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-switches-web-dos-xMyFFkt8"
}
]
},
"source": {
"advisory": "cisco-sa-smb-switches-web-dos-xMyFFkt8",
"defect": [
[
"CSCvz62174"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-40127",
"datePublished": "2021-11-04T15:30:11.944802Z",
"dateReserved": "2021-08-25T00:00:00",
"dateUpdated": "2024-11-07T21:45:08.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}