Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
CVE-2023-20024

8.6HIGH

Key Information:

Vendor: Cisco
Status: Cisco Small Business Smart And Managed Switches
Vendor: CVE Published:; 18 May 2023

Badges

👾 Exploit Exists

What is CVE-2023-20024?

Cisco Small Business Series Switches have multiple vulnerabilities in their web-based user interface, enabling unauthenticated remote attackers to trigger a denial of service (DoS) condition or execute arbitrary code with root privileges. These vulnerabilities arise from improper validation of requests sent to the web interface, posing serious risks to network security. Organizations using these switches should consult the vendor's advisory for mitigation strategies and updates.

Affected Version(s)

Cisco Small Business Smart and Managed Switches

References

https://sec.cloudapps.cisco.com/security/center/content/C...

vendor-advisory

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Oct 28, 2024
Vulnerability published
May 18, 2023
Vulnerability Reserved
Oct 27, 2022