CVE-2020-3121 (GCVE-0-2020-3121)

Vulnerability from cvelistv5 – Published: 2020-01-26 04:31 – Updated: 2024-11-15 17:45
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link and access a specific page. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Severity ?
6.1 (Medium)
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CWE
Assigner
References
https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco 550X Series Stackable Managed Switches Affected: unspecified , < n/a (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:24:00.540Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200122 Cisco Small Business Smart and Managed Switches Cross-Site Scripting Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sbsms-xss"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3121",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:29:56.727357Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:45:38.991Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco 550X Series Stackable Managed Switches",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-01-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link and access a specific page. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-26T04:31:22",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200122 Cisco Small Business Smart and Managed Switches Cross-Site Scripting Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sbsms-xss"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20200122-sbsms-xss",
        "defect": [
          [
            "CSCvs09313"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Small Business Smart and Managed Switches Cross-Site Scripting Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-01-22T16:00:00-0800",
          "ID": "CVE-2020-3121",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Small Business Smart and Managed Switches Cross-Site Scripting Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco 550X Series Stackable Managed Switches",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link and access a specific page. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.1",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200122 Cisco Small Business Smart and Managed Switches Cross-Site Scripting Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sbsms-xss"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20200122-sbsms-xss",
          "defect": [
            [
              "CSCvs09313"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3121",
    "datePublished": "2020-01-26T04:31:22.955259Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:45:38.991Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250x-24_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"D5D95896-7055-4A21-96E5-14443BF1EF2E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250x-24:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDF0F571-4139-411C-9E9F-4974AB9ED29E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250x-24p_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"F5AC305C-9F13-4EC0-BA44-F0CF0262BD78\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250x-24p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"850829DF-9613-4E1A-9D9A-A74D3AD8BA14\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250x-48_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"C245C733-9B09-44C1-93B1-5DE1FF3AE2C6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250x-48:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C050FFC6-FB6E-4AEC-830A-856B9E728D0F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250x-48p_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"86AA3E57-DEEE-4491-9B66-37F08FE70AD9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250x-48p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4AD1B2A7-B9CD-439B-B55E-D5AF769228FE\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250-08_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"14D901C7-5727-49D2-9D09-6DFDF1CA974B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250-08:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6A7F2D0-9E2B-4162-8F31-BE44BCD3BDCB\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250-08hp_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"7A8EAC5E-2A95-47C2-B68B-16BA15558D7E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250-08hp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C733117C-BFAE-459D-A9E2-5082C77A4D22\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250-10p_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"62E86462-EBEC-48CF-8B73-A3856B5A4412\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250-10p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9AEADBBF-9E5B-435E-BF81-3D2DBF369D33\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250-18_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"90023A73-5FDD-4A1D-85A9-4663CE0A611D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250-18:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"72500D80-4EC8-4B49-8C22-FA19E03491DF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250-26_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"997FF987-64C6-46E3-8260-8E1C20E74FAF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250-26:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7CDA0852-1A08-4327-ABEE-9A1059DFE9BF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250-26hp_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"C87DDDED-8276-484F-ADCC-3CC73C2A5E89\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250-26hp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9610ED5C-26BE-45A6-B6DD-00DA6AB0F57D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250-26p_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"E18B4EE6-F495-4AF0-831B-237135961156\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250-26p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B19804D-C92A-4758-A2CF-E3D4D6ED65FF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250-50_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"17B8C32E-1ED4-46A0-B7C9-25131173DA87\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250-50:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF27F695-F2EA-43C9-B283-E7EEA70CB0F4\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250-50hp_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"AF4B2460-C9DA-43D9-BA93-8F3D382D86AB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250-50hp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7885727C-5100-49A7-909F-D4DF545BF65D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250-50p_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"33D31E90-CEC3-4B9E-AFDE-2D4968B18FA2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250-50p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DB6FE78-C783-4A7E-90B0-ABCDA72E2D8C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250-24_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"A450299D-B719-4648-B6A3-DDD885888A4F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250-24:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FFBEB8EA-2E71-4F63-AAE3-07322722FD76\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250-24p_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"5FD3DF16-087B-4987-AEB7-0408D5B4D8B1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250-24p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D32C81B6-F732-4E9B-A181-C87FC90F1150\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250-48_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"FB155F3F-7EEA-4D11-97BE-0637FFC6F9DD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250-48:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"145D2E2E-7B91-4A02-A7B1-78EC9D49E719\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg250-48hp_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"72485824-B5EE-4608-8BE2-C90ECDCCDEEA\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg250-48hp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66FE4C7D-BBF7-4CC7-A6A3-C0D6713C4FFC\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sf350-48_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"6B5E6167-62E9-44E4-93BD-0884B3B90777\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sf350-48:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EF58ED1-AECE-435C-8F8F-6053C44E01C9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sf350-48p_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"60C2982C-183F-41B1-9AA3-D5707F795E6B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sf350-48p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2BE66F3-51C8-42D8-927A-5BA0B9B072EF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sf350-48mp_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"80CED547-483B-4889-8079-77861D0590CD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sf350-48mp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2DE3B15-DD70-445E-936C-0C9D5C3F1450\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg350-10_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"CB64405B-E5CD-4E77-84A1-A6C65F41B167\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg350-10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79843C24-2CE8-4040-9C04-79902D8F741D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg350-10p_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"26A3CD31-4E1D-4047-8058-E8019F3A4546\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg350-10p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD650E51-E248-4CFD-8163-72717B66D675\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg350-10mp_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"45DF22E1-24CE-4AA8-9B76-90A08E1D3FB9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg350-10mp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B36A173-5C14-4B38-B3DD-CD83B19AF94B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg355-10mp_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"5A0F2ED4-EA54-41E8-8A14-F0CB8C1776D2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg355-10mp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C07B10FC-9C39-482A-9807-16D49FDAD979\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg350-28_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"928A3EAF-E40F-4D7C-9925-A6145A32E2B2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg350-28:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"500F9351-FA0C-4648-A2A6-ACFF6C8FD157\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg350-28p_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"4A316620-A0B1-45FA-A2D3-9C7197AAB4FC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg350-28p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8122322F-6104-4978-9E00-40437365FF67\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg350-28mp_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"79CA829F-E578-426D-8E3D-797449D3CACB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg350-28mp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11548FB9-ADB1-4281-B89B-6D61836072DE\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sx550x-16ft_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"4B4E22B8-46CA-4539-8608-90A1B7C68B6F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sx550x-16ft:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02D9BEB5-78FE-49EB-92BE-6597E7608E71\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sx550x-24ft_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"5493DB18-7F2C-4A9E-971A-491824E5BF7D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sx550x-24ft:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFEDE246-7DF9-486D-A5B9-5596FE0AC582\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sx550x-12ft_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"67DF2CB4-7DFE-4B13-A9B4-7FCEEC2FD6EB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sx550x-12ft:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF7238B1-AF9E-450A-9A11-4B6CDC527CA6\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sx550x-24ft_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"5493DB18-7F2C-4A9E-971A-491824E5BF7D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sx550x-24ft:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFEDE246-7DF9-486D-A5B9-5596FE0AC582\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sx550x-24_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"0D2F65F5-FC79-49AF-8122-5FF46D28EE0D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sx550x-24:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B39E214D-A4B7-460C-9402-8F94336B30A0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sx550x-52_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"AD599A09-5793-4A5E-8D9C-8A0936322143\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sx550x-52:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"297A662D-BD11-4021-8F19-946CA4BCF8D2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg550x-24_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"308E4391-7962-4F27-ADFC-B8BBF04D9089\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg550x-24:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7ADB1D69-CBDC-4045-A806-087878560EF4\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg550x-24p_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"314F2981-1A9C-4156-98CC-62C6A71AA053\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg550x-24p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81B88075-F579-492C-B87C-5E4291D269B2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg550x-24mp_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"912253A6-3180-43BB-9D56-0DB7DB42065D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg550x-24mp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"605B8DE5-56EB-4FFF-BC04-1B3A38762727\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg550x-24mpp_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"72B077BF-70D4-427A-A4D9-18D0D755480E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg550x-24mpp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C940275E-41A8-470D-AD97-AB6EC5A75CEF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg550x-48_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"2B33A623-1F6C-4BC6-9E09-6590F45CEA5F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg550x-48:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"235AAB5A-9D0A-4864-89E2-D69D1D8A79D1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg550x-48p_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"628B557D-2FE9-49E7-A47F-1EE150DEE74A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg550x-48p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"967DCE55-B7D5-4D63-9693-B42FAA9243B1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sg550x-48mp_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"51E59E26-20EA-409B-99BE-0437425BA179\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sg550x-48mp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9AA6BED3-2564-4A7C-91DC-F843E301A35E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sf550x-24_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"80C6A8B5-E26B-43AD-A32C-3A7E2BA0F4CB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sf550x-24:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F53C2EAA-CD47-4D76-BBC6-C59D531AB1D4\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sf550x-24p_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"32AC8E8E-4496-4DEC-94CA-AFFAEE2BC485\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sf550x-24p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BDF26D7-B3B5-47CA-94E9-B14BEFE02318\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sf550x-48_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"6D3EF6D3-A329-48AB-A92A-0F5B9C6C6F2E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sf550x-48:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C374EB87-A4C6-43FB-B42E-DEA973375EC2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sf550x-48p_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"38BF0C89-07C4-43CF-85AD-01ECC8FBFE2C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sf550x-48p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"903E59DA-DE59-4CD4-BE32-B91DDA1DA07D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sf550x-48mp_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0.90\", \"matchCriteriaId\": \"4A96FF9C-4A6A-45C8-A265-0E34D506EEE4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:sf550x-48mp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A6AFC45-9ECC-4D4A-80BF-20F49C83A57A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link and access a specific page. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en la interfaz de administraci\\u00f3n basada en web de Cisco Small Business Smart and Managed Switches, podr\\u00eda permitir a un atacante remoto no autenticado llevar a cabo un ataque de tipo cross-site scripting (XSS) contra un usuario de la interfaz. La vulnerabilidad es debido a una comprobaci\\u00f3n insuficiente de la entrada suministrada por parte del usuario mediante la interfaz de administraci\\u00f3n basada en web del dispositivo afectado. Un atacante podr\\u00eda explotar esta vulnerabilidad al persuadir a un usuario de la interfaz para que haga clic en un enlace malicioso y acceda a una p\\u00e1gina espec\\u00edfica. Una explotaci\\u00f3n con \\u00e9xito podr\\u00eda permitir al atacante ejecutar c\\u00f3digo de script arbitrario en el contexto de la interfaz afectada o acceder a informaci\\u00f3n confidencial basada en el navegador.\"}]",
      "id": "CVE-2020-3121",
      "lastModified": "2024-11-21T05:30:22.217",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}], \"cvssMetricV30\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2020-01-26T05:15:17.397",
      "references": "[{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sbsms-xss\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sbsms-xss\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-3121\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2020-01-26T05:15:17.397\",\"lastModified\":\"2024-11-21T05:30:22.217\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link and access a specific page. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Small Business Smart and Managed Switches, podr\u00eda permitir a un atacante remoto no autenticado llevar a cabo un ataque de tipo cross-site scripting (XSS) contra un usuario de la interfaz. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada suministrada por parte del usuario mediante la interfaz de administraci\u00f3n basada en web del dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad al persuadir a un usuario de la interfaz para que haga clic en un enlace malicioso y acceda a una p\u00e1gina espec\u00edfica. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV30\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250x-24_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"D5D95896-7055-4A21-96E5-14443BF1EF2E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250x-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDF0F571-4139-411C-9E9F-4974AB9ED29E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250x-24p_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"F5AC305C-9F13-4EC0-BA44-F0CF0262BD78\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250x-24p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"850829DF-9613-4E1A-9D9A-A74D3AD8BA14\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250x-48_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"C245C733-9B09-44C1-93B1-5DE1FF3AE2C6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250x-48:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C050FFC6-FB6E-4AEC-830A-856B9E728D0F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250x-48p_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"86AA3E57-DEEE-4491-9B66-37F08FE70AD9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250x-48p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AD1B2A7-B9CD-439B-B55E-D5AF769228FE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250-08_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"14D901C7-5727-49D2-9D09-6DFDF1CA974B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250-08:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6A7F2D0-9E2B-4162-8F31-BE44BCD3BDCB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250-08hp_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"7A8EAC5E-2A95-47C2-B68B-16BA15558D7E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250-08hp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C733117C-BFAE-459D-A9E2-5082C77A4D22\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250-10p_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"62E86462-EBEC-48CF-8B73-A3856B5A4412\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250-10p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AEADBBF-9E5B-435E-BF81-3D2DBF369D33\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250-18_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"90023A73-5FDD-4A1D-85A9-4663CE0A611D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250-18:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72500D80-4EC8-4B49-8C22-FA19E03491DF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250-26_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"997FF987-64C6-46E3-8260-8E1C20E74FAF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250-26:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CDA0852-1A08-4327-ABEE-9A1059DFE9BF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250-26hp_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"C87DDDED-8276-484F-ADCC-3CC73C2A5E89\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250-26hp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9610ED5C-26BE-45A6-B6DD-00DA6AB0F57D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250-26p_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"E18B4EE6-F495-4AF0-831B-237135961156\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250-26p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B19804D-C92A-4758-A2CF-E3D4D6ED65FF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250-50_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"17B8C32E-1ED4-46A0-B7C9-25131173DA87\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250-50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF27F695-F2EA-43C9-B283-E7EEA70CB0F4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250-50hp_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"AF4B2460-C9DA-43D9-BA93-8F3D382D86AB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250-50hp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7885727C-5100-49A7-909F-D4DF545BF65D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250-50p_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"33D31E90-CEC3-4B9E-AFDE-2D4968B18FA2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250-50p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DB6FE78-C783-4A7E-90B0-ABCDA72E2D8C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250-24_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"A450299D-B719-4648-B6A3-DDD885888A4F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFBEB8EA-2E71-4F63-AAE3-07322722FD76\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250-24p_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"5FD3DF16-087B-4987-AEB7-0408D5B4D8B1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250-24p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D32C81B6-F732-4E9B-A181-C87FC90F1150\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250-48_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"FB155F3F-7EEA-4D11-97BE-0637FFC6F9DD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250-48:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"145D2E2E-7B91-4A02-A7B1-78EC9D49E719\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg250-48hp_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"72485824-B5EE-4608-8BE2-C90ECDCCDEEA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg250-48hp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66FE4C7D-BBF7-4CC7-A6A3-C0D6713C4FFC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sf350-48_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"6B5E6167-62E9-44E4-93BD-0884B3B90777\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sf350-48:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EF58ED1-AECE-435C-8F8F-6053C44E01C9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sf350-48p_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"60C2982C-183F-41B1-9AA3-D5707F795E6B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sf350-48p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2BE66F3-51C8-42D8-927A-5BA0B9B072EF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sf350-48mp_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"80CED547-483B-4889-8079-77861D0590CD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sf350-48mp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2DE3B15-DD70-445E-936C-0C9D5C3F1450\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg350-10_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"CB64405B-E5CD-4E77-84A1-A6C65F41B167\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg350-10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79843C24-2CE8-4040-9C04-79902D8F741D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg350-10p_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"26A3CD31-4E1D-4047-8058-E8019F3A4546\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg350-10p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD650E51-E248-4CFD-8163-72717B66D675\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg350-10mp_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"45DF22E1-24CE-4AA8-9B76-90A08E1D3FB9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg350-10mp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B36A173-5C14-4B38-B3DD-CD83B19AF94B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg355-10mp_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"5A0F2ED4-EA54-41E8-8A14-F0CB8C1776D2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg355-10mp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C07B10FC-9C39-482A-9807-16D49FDAD979\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg350-28_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"928A3EAF-E40F-4D7C-9925-A6145A32E2B2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg350-28:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"500F9351-FA0C-4648-A2A6-ACFF6C8FD157\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg350-28p_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"4A316620-A0B1-45FA-A2D3-9C7197AAB4FC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg350-28p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8122322F-6104-4978-9E00-40437365FF67\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg350-28mp_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"79CA829F-E578-426D-8E3D-797449D3CACB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg350-28mp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11548FB9-ADB1-4281-B89B-6D61836072DE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sx550x-16ft_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"4B4E22B8-46CA-4539-8608-90A1B7C68B6F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sx550x-16ft:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02D9BEB5-78FE-49EB-92BE-6597E7608E71\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sx550x-24ft_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"5493DB18-7F2C-4A9E-971A-491824E5BF7D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sx550x-24ft:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFEDE246-7DF9-486D-A5B9-5596FE0AC582\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sx550x-12ft_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"67DF2CB4-7DFE-4B13-A9B4-7FCEEC2FD6EB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sx550x-12ft:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF7238B1-AF9E-450A-9A11-4B6CDC527CA6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sx550x-24ft_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"5493DB18-7F2C-4A9E-971A-491824E5BF7D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sx550x-24ft:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFEDE246-7DF9-486D-A5B9-5596FE0AC582\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sx550x-24_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"0D2F65F5-FC79-49AF-8122-5FF46D28EE0D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sx550x-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B39E214D-A4B7-460C-9402-8F94336B30A0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sx550x-52_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"AD599A09-5793-4A5E-8D9C-8A0936322143\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sx550x-52:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"297A662D-BD11-4021-8F19-946CA4BCF8D2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg550x-24_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"308E4391-7962-4F27-ADFC-B8BBF04D9089\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg550x-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ADB1D69-CBDC-4045-A806-087878560EF4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg550x-24p_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"314F2981-1A9C-4156-98CC-62C6A71AA053\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg550x-24p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81B88075-F579-492C-B87C-5E4291D269B2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg550x-24mp_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"912253A6-3180-43BB-9D56-0DB7DB42065D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg550x-24mp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"605B8DE5-56EB-4FFF-BC04-1B3A38762727\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg550x-24mpp_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"72B077BF-70D4-427A-A4D9-18D0D755480E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg550x-24mpp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C940275E-41A8-470D-AD97-AB6EC5A75CEF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg550x-48_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"2B33A623-1F6C-4BC6-9E09-6590F45CEA5F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg550x-48:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"235AAB5A-9D0A-4864-89E2-D69D1D8A79D1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg550x-48p_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"628B557D-2FE9-49E7-A47F-1EE150DEE74A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg550x-48p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"967DCE55-B7D5-4D63-9693-B42FAA9243B1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sg550x-48mp_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"51E59E26-20EA-409B-99BE-0437425BA179\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sg550x-48mp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AA6BED3-2564-4A7C-91DC-F843E301A35E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sf550x-24_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"80C6A8B5-E26B-43AD-A32C-3A7E2BA0F4CB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sf550x-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F53C2EAA-CD47-4D76-BBC6-C59D531AB1D4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sf550x-24p_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"32AC8E8E-4496-4DEC-94CA-AFFAEE2BC485\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sf550x-24p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BDF26D7-B3B5-47CA-94E9-B14BEFE02318\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sf550x-48_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"6D3EF6D3-A329-48AB-A92A-0F5B9C6C6F2E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sf550x-48:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C374EB87-A4C6-43FB-B42E-DEA973375EC2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sf550x-48p_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"38BF0C89-07C4-43CF-85AD-01ECC8FBFE2C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sf550x-48p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"903E59DA-DE59-4CD4-BE32-B91DDA1DA07D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sf550x-48mp_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0.90\",\"matchCriteriaId\":\"4A96FF9C-4A6A-45C8-A265-0E34D506EEE4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:sf550x-48mp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A6AFC45-9ECC-4D4A-80BF-20F49C83A57A\"}]}]}],\"references\":[{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sbsms-xss\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sbsms-xss\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sbsms-xss\", \"name\": \"20200122 Cisco Small Business Smart and Managed Switches Cross-Site Scripting Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T07:24:00.540Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2020-3121\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-15T16:29:56.727357Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-15T16:30:48.221Z\"}}], \"cna\": {\"title\": \"Cisco Small Business Smart and Managed Switches Cross-Site Scripting Vulnerability\", \"source\": {\"defect\": [[\"CSCvs09313\"]], \"advisory\": \"cisco-sa-20200122-sbsms-xss\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"CHANGED\", \"version\": \"3.0\", \"baseScore\": 6.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco 550X Series Stackable Managed Switches\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"n/a\", \"versionType\": \"custom\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"datePublic\": \"2020-01-22T00:00:00\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sbsms-xss\", \"name\": \"20200122 Cisco Small Business Smart and Managed Switches Cross-Site Scripting Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link and access a specific page. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2020-01-26T04:31:22\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"6.1\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\"}}, \"source\": {\"defect\": [[\"CSCvs09313\"]], \"advisory\": \"cisco-sa-20200122-sbsms-xss\", \"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"affected\": \"\u003c\", \"version_value\": \"n/a\", \"version_affected\": \"\u003c\"}]}, \"product_name\": \"Cisco 550X Series Stackable Managed Switches\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-sbsms-xss\", \"name\": \"20200122 Cisco Small Business Smart and Managed Switches Cross-Site Scripting Vulnerability\", \"refsource\": \"CISCO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link and access a specific page. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-79\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2020-3121\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco Small Business Smart and Managed Switches Cross-Site Scripting Vulnerability\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2020-01-22T16:00:00-0800\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2020-3121\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-15T17:45:38.991Z\", \"dateReserved\": \"2019-12-12T00:00:00\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2020-01-26T04:31:22.955259Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.