FKIE_CVE-2019-1943
Vulnerability from fkie_nvd - Published: 2019-07-17 21:15 - Updated: 2024-11-21 04:37
Severity ?
4.7 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a user's HTTP request and modifying it into a request that causes the web interface to redirect the user to a specific malicious URL. This type of vulnerability is known as an open redirect attack and is used in phishing attacks that get users to unknowingly visit malicious sites.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/109288 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-sbss-redirect | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/109288 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-sbss-redirect | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-50_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1F4AF2-7330-4535-900E-B4A2A6B76A8F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0219D69-91AE-4558-BF12-93BB82D74A48",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-50p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03699C15-D612-4CEC-923C-7E69CC6F6C79",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-50p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82842273-F24B-4210-8E07-5F7253018FC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-50fp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48A444FC-D2A5-4847-B616-F5E729F10C75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-50fp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64E81B93-C7DB-4CC7-9FEA-914C853411B2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-26_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1196E58A-FF08-4086-8B89-42DF19A3E2B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F2F454F-9084-4AD8-8F81-45A4AFAF63B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-26p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0419BDEB-DADB-4D0E-A747-6EEFF9D3A26B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-26p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A30A529-9796-4D10-AE55-698930E95CD9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-26fp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9702EE3-E077-4F70-AD90-EFD168BFCCBF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-26fp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0ACAD62-EA73-494C-8244-541642C3E397",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-18_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE91F6B0-635D-48B3-BBB2-C9A6AC367815",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-18:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD5CDA0-F982-492B-B631-6B0958F82A7F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-10fp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5A806E-4E9F-45D2-936F-F9416342FBA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-10fp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D173967C-5FF3-49DE-863B-26F7DF8B5F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-08_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF3A3B-93C1-4DD6-AFEC-60B3E7FFB114",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-08:-:*:*:*:*:*:*:*",
"matchCriteriaId": "335CA93E-604D-4060-9D24-E4E9D7740A3E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg200-08p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE4DDC3-43B2-4487-90FE-A3529D3A5AA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg200-08p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB844823-174D-487B-A211-E650D638A010",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf200-24_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE54B823-D772-49CF-9BA4-D8056C31A915",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf200-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1866B4D0-0FF2-4C79-A07B-4FAE5586F7E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf200-24p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "471C22F3-B110-46E4-BA52-8FDA4412EA0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf200-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A8518B-EE72-4CEA-B2A8-9F17898F4476",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf200-24fp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC963AF6-F648-4A5B-84C6-1D5823222527",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf200-24fp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D8A349B-73D2-4010-90C2-B153B3245487",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf200-48_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47341322-B516-4957-8CC0-5F34D8983937",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf200-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F27801-DCF0-4843-90F8-2A1694BB29E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf200-48p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB592B62-F1DE-4BF5-A975-345483C37949",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf200-48p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B12AEA51-CF3B-44CC-9943-E370A29EFDC9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf302-08pp_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "2771C8A5-8074-4739-AD13-6A9613AD5F0A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf302-08pp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFEF3C3-0C7C-4359-A45F-00152ACAB545",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf302-08mpp_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "11F2791E-C3DA-4C03-AD22-3D297BE15A7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf302-08mpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19890DBE-F1B9-4454-8738-AC2AC6704C75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-10pp_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "32191D8C-732B-4A86-A7F5-39F86D489EFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-10pp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F1772C3-48DB-4BEF-9F12-CDCC3BBFA0E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-10mpp_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "FEDDBFBE-A2D8-4153-8728-B460A645A61F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-10mpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAD7CDE3-7247-4EA9-8A72-7ABC961BD895",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf300-24pp_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "32C00DEB-D048-4CD4-9FAC-452975E18A8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf300-24pp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E7B70CB-9D7A-4637-8A51-634157F7AC85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf300-48pp_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BD4735-5291-430D-9D37-85C5CEA7BCFB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf300-48pp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5248F85-411D-4ED9-983C-A28A90C8FC70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-28pp_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "6459BD48-9D03-4869-9709-03E453BD0E7E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-28pp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6F6741-AA56-47EA-998C-78FD7F6B01CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf300-08_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F36533AD-E2CC-4D44-B9AE-05597415E5C9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf300-08:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C96B794-16D3-46FE-8A2B-262BD38994E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf300-48p_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F55C1D18-343A-4961-8377-25509F709480",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf300-48p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5307DEF-DCD1-417A-B649-FF4DCE66193E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-10mp_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "825A2B20-0C4F-4B41-84DE-5DD6E625672F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-10mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95F6D7AC-2ACB-4693-AB8E-C700B99C5BF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-10p_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "9DDE3662-EFB4-415C-A276-33692A883B16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-10p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9054C3D1-BA1A-4BAC-8834-88673B804E4E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-10_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A6CA3661-3BF3-46AC-B2A5-75F9154F7342",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78B44981-5C59-4328-A7DB-FBF50F9C92C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-28p_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "7963297B-A97D-4704-9E5C-51311AC99AFD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-28p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D5109D-C78B-4362-B000-0AA073FCC843",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf300-24p_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "54AF17F5-1579-441A-81CA-1A32106871B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf300-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71D909B9-5B11-401E-8484-D6CD39D64142",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf302-08mp_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C9E514-5EF0-49FB-8D29-162231770292",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf302-08mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8124725E-8340-43BC-BEBB-BC39E3AE7368",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-28_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A59ACB01-F0DC-4EBA-A078-B7BE6390162F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-28:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E74DB8D8-B79B-4DAE-BF88-98C1F518E76D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf300-48_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA8C7A2-1E90-4CFB-8780-A98B786562E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf300-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "765DECDB-4234-4444-B78F-01C1DCBAD8FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-20_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F7637BBD-6D6C-4EB4-8F90-0A8DB62890A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50A677CE-4360-4780-ABF9-466C45CB19E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf302-08p_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFAF764-7275-4E51-A2DD-E0BFEEEF51BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf302-08p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9C97D56-2E3C-4F36-89E2-BC169AED3CC2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-52_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "C0F3D9E1-3663-47A7-9F32-2636084D2A7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26EE1D-763F-4893-9997-F4C1CE7A1089",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf300-24_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1B924994-14BD-43F7-A958-B9B6C581A331",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf300-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C324F7E3-2088-452F-B049-519A9D25C9B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf302-08_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "C9ADCCA3-A32F-425A-9E1E-10703BA38D74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf302-08:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04042998-72B6-4215-9264-CC563E51D9CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf300-24mp_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "220CCE1B-C6A4-4F67-9A1B-2DA6CA7C2CA1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf300-24mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4882366A-9450-47BE-BE70-CC3A9D2F5275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-10sfp_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "35D0E391-B0AD-4577-A1BD-B31179B41C6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-10sfp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B402FBC0-91FC-471D-9D8A-C71F4FECF338",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-28mp_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "79624321-A683-4714-9F13-9FCAE4B4B604",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-28mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB2B761-E591-42B6-B62F-63A6D41F4FAC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-52p_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "282C7CA0-A341-4C64-A8C6-C390A70093E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-52p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E9DF9C4-9D06-4449-8AF0-8322C6B77F6A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg300-52mp_firmware:1.3.7.18:*:*:*:*:*:*:*",
"matchCriteriaId": "227DB561-5C81-4CA2-93A3-9F36E91A6C69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg300-52mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C3B5A2-CAE6-4E75-A1A3-4FCB1C62A7A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500-28mpp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E1FAC9E-45D1-4CB9-9BB2-389427199D52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500-28mpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6035EA-0F55-4C76-9E2F-DD4938576D1A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500-52mp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91A93E7F-A05D-4617-9BB9-6962CDB08AE3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500-52mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36E534B2-12EA-489B-A939-4F1965B5EC66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500xg-8f8t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F73C16B-814C-447E-84C2-893B9ED90693",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500xg-8f8t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8FE0E3E-5AB4-4BBA-A787-072799BF3EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf500-24_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6E4A156-2BF5-4F65-916C-E94AD6F899A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf500-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C0F8958-8059-411B-86C8-40B1073C80C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf500-24p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ACD1A2A-9CCE-4A92-AC7B-9921172F1BC1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf500-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "218D6018-551C-46B8-AE27-F88E6052F37B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf500-48_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6A1075B-47F6-4361-9FAC-4FCE932ED61D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf500-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB8DE78-E398-458B-98EF-EEEB6E219BAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sf500-48p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4EE51C-F69E-412E-BE53-00B377564D01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sf500-48p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E443C685-F000-4F89-ADEA-7084138018D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500-28_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48E2C7ED-765A-442D-8FC6-5D769AD05251",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500-28:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0779C5EE-C145-4C28-8F60-EE692409102D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500-28p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1431252-1FAE-4492-A7C4-69D47BBEB228",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500-28p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF4D4AD6-C5FD-40D8-B002-2B784EC88B89",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500-52_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67BE410C-FF81-4D5D-8C81-15A4C0E02E4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500-52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40273E59-7C60-4094-B9FC-A633A2F23E61",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500-52p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41E2FD03-6870-466F-9389-6D044BAC5DA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500-52p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14A201E5-0603-4C96-8F4B-87934B7B99D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500x-24_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA293370-953C-42ED-BF25-4C439A8D986A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500x-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1A9D4D4-EF09-4862-B62A-94913AEFA2BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500x-24p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F89D89-F7E9-4BC2-9A5F-3689930DAEF6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500x-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0093FE2A-3D4C-4435-AE35-D213C9700771",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500x-48_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B7BB55-2872-411F-8E0B-EED8746FA013",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500x-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B84D71EE-64CC-4966-98D1-C0697816120A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:sg500x-48p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E70A5C52-9C3B-4FA8-9208-FF19200BD3F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sg500x-48p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E99C3C2-0B98-4108-8102-80132BF47A32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a user\u0027s HTTP request and modifying it into a request that causes the web interface to redirect the user to a specific malicious URL. This type of vulnerability is known as an open redirect attack and is used in phishing attacks that get users to unknowingly visit malicious sites."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz web del software Cisco Small Business 200, 300 y 500 Series Switches podr\u00eda permitir que un atacante remoto no autenticado redirija a un usuario a una p\u00e1gina web maliciosa. La vulnerabilidad se debe a una validaci\u00f3n incorrecta de entradas de los par\u00e1metros en una petici\u00f3n HTTP. Un atacante podr\u00eda explotar esta vulnerabilidad al interceptar la solicitud HTTP de un usuario y modificarla en una solicitud que haga que la interfaz web redirija al usuario a una URL maliciosa espec\u00edfica. Este tipo de vulnerabilidad se conoce como ataque de redirecci\u00f3n abierta y se usa en ataques de suplantaci\u00f3n de identidad que hacen que los usuarios visiten sin saberlo sitios maliciosos."
}
],
"id": "CVE-2019-1943",
"lastModified": "2024-11-21T04:37:44.213",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 2.7,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-17T21:15:12.453",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/109288"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-sbss-redirect"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/109288"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-sbss-redirect"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…