Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
CVE-2023-20160

8.6HIGH

Key Information:

Vendor: Cisco
Status: Cisco Small Business Smart And Managed Switches
Vendor: CVE Published:; 18 May 2023

Badges

👾 Exploit Exists

Summary

The web-based user interface of certain Cisco Small Business Series Switches is susceptible to multiple vulnerabilities that allow unauthenticated remote attackers to potentially execute arbitrary code with root privileges or trigger a denial of service (DoS). The root cause of these issues is improper validation of requests to the web interface, highlighting a critical weakness in the device's security that must be addressed to prevent exploitation. Detailed insights into these vulnerabilities are available in the advisory linked.

Affected Version(s)

Cisco Small Business Smart and Managed Switches

References

https://sec.cloudapps.cisco.com/security/center/content/C...

vendor-advisory

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

👾
Exploit known to exist
Oct 28, 2024
Vulnerability published
May 18, 2023
Vulnerability Reserved
Oct 27, 2022