Cisco Small Business Switches Denial of Service Vulnerability
CVE-2020-3147

8.6HIGH

Key Information:

Vendor: Cisco
Status: Cisco Small Business 300 Series Managed Switches
Vendor: CVE Published:; 30 January 2020

Badges

👾 Exploit Exists

Summary

A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this vulnerability by sending a malicious request to the web interface of an affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. This vulnerability affects firmware releases prior than 1.3.7.18

Affected Version(s)

Cisco Small Business 300 Series Managed Switches < 1.3.7.18

References

https://tools.cisco.com/security/center/content/CiscoSecu...

vendor-advisoryx_refsource_CISCO

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

👾
Exploit known to exist
Aug 4, 2024
Vulnerability published
Jan 30, 2020
Vulnerability Reserved
Dec 12, 2019