cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-20263,https://securityvulnerability.io/vulnerability/CVE-2024-20263,Access Control Bypass in Cisco Business 250 and 350 Series Switches,"A vulnerability exists in the access control list (ACL) management within the stacked switch configuration of Cisco Business 250 Series Smart Switches and Business 350 Series Managed Switches. This flaw allows an unauthenticated, remote attacker to bypass ACL protections when a primary or backup switch undergoes a full stack reload or power cycle. The vulnerability arises from improper handling of ACLs in a stacked configuration, leading to potential manipulation of traffic flow. An attacker can exploit this by sending specially crafted traffic through an affected device, resulting in unexpected traffic management outcomes. It is important to note that while ACLs are properly enforced on primary devices, the potential for inconsistent application on backup devices could lead to security breaches.",Cisco,Cisco Small Business Smart and Managed Switches,7.2,HIGH,0.0010499999625608325,false,,false,false,false,,,false,false,,2024-01-26T17:27:08.928Z,0
CVE-2023-20188,https://securityvulnerability.io/vulnerability/CVE-2023-20188,Stored Cross-Site Scripting Vulnerability in Cisco Small Business Switches,"A security flaw exists in the web-based management interface of several Cisco Small Business Switches, enabling authenticated attackers to execute stored cross-site scripting (XSS) attacks. This vulnerability arises from inadequate validation of input provided by users. By deceiving a victim into accessing a malicious page, an attacker can potentially run arbitrary scripts within the context of the management interface, which may lead to unauthorized data access and manipulation.
Effective exploitation requires valid credentials to access the management interface, as Cisco has not issued any updates to rectify this issue.",Cisco,Cisco Small Business Smart and Managed Switches,4.8,MEDIUM,0.000590000010561198,false,,false,false,false,,,false,false,,2023-06-28T00:00:00.000Z,0
CVE-2023-20162,https://securityvulnerability.io/vulnerability/CVE-2023-20162,Cisco Small Business Series Switches Buffer Overflow Vulnerabilities,"Certain Cisco Small Business Series Switches contain vulnerabilities in their web-based user interface. These vulnerabilities allow unauthenticated, remote attackers to potentially cause a denial of service (DoS) or execute arbitrary code with root privileges. The issue arises from inadequate validation of requests to the web interface, making devices susceptible to exploitation. For more detailed information, refer to the vendor advisory.",Cisco,Cisco Small Business Smart And Managed Switches,8.6,HIGH,0.002199999988079071,false,,false,false,true,2024-10-28T17:15:06.000Z,,false,false,,2023-05-18T03:15:00.000Z,0
CVE-2023-20189,https://securityvulnerability.io/vulnerability/CVE-2023-20189,Cisco Small Business Series Switches Buffer Overflow Vulnerabilities,"Multiple vulnerabilities exist in the web-based user interface of certain Cisco Small Business Series Switches. These vulnerabilities can be exploited by unauthenticated remote attackers to create a denial of service (DoS) situation or to execute arbitrary code with root privileges on the affected devices. They stem from improper validation of requests directed at the web interface, allowing attackers to manipulate and exploit the system.
Proper security measures should be taken to safeguard against these potential threats.",Cisco,Cisco Small Business Smart And Managed Switches,8.6,HIGH,0.002199999988079071,false,,false,false,true,2024-10-28T17:15:06.000Z,,false,false,,2023-05-18T03:15:00.000Z,0
CVE-2023-20157,https://securityvulnerability.io/vulnerability/CVE-2023-20157,Cisco Small Business Series Switches Buffer Overflow Vulnerabilities,"The vulnerabilities present in the web-based user interface of select Cisco Small Business Series Switches could permit an unauthenticated remote attacker to achieve denial of service or execute arbitrary code with root privileges. These security flaws arise from inadequate request validation within the web interface, potentially leading to severe disruptions and unauthorized control over the impacted devices.",Cisco,Cisco Small Business Smart And Managed Switches,8.6,HIGH,0.002199999988079071,false,,false,false,true,2024-10-28T17:15:06.000Z,,false,false,,2023-05-18T03:15:00.000Z,0
CVE-2023-20156,https://securityvulnerability.io/vulnerability/CVE-2023-20156,Cisco Small Business Series Switches Buffer Overflow Vulnerabilities,"Certain Cisco Small Business Series Switches have multiple vulnerabilities in their web-based user interface, allowing unauthenticated remote attackers to exploit these flaws. By sending specially crafted requests to the web interface, an adversary could cause a denial of service condition or execute arbitrary code with root permissions on affected devices.
The root cause of these vulnerabilities lies in the improper validation of input requests, making it crucial for users to apply the recommended updates and mitigations to safeguard their devices.",Cisco,Cisco Small Business Smart And Managed Switches,8.6,HIGH,0.002199999988079071,false,,false,false,true,2024-10-28T17:15:06.000Z,,false,false,,2023-05-18T03:15:00.000Z,0
CVE-2023-20159,https://securityvulnerability.io/vulnerability/CVE-2023-20159,Cisco Small Business Series Switches Buffer Overflow Vulnerabilities,"Certain Cisco Small Business Series Switches have vulnerabilities in their web-based user interface that could allow unauthenticated, remote attackers to initiate a denial of service (DoS) condition or execute arbitrary code with root privileges. This situation arises from inadequate validation of incoming requests, allowing malicious entities to manipulate the device's behavior. Organizations using these switches should apply recommended security measures to mitigate potential impacts.",Cisco,Cisco Small Business Smart And Managed Switches,8.6,HIGH,0.002199999988079071,false,,false,false,true,2024-10-28T17:15:06.000Z,,false,false,,2023-05-18T03:15:00.000Z,0
CVE-2023-20160,https://securityvulnerability.io/vulnerability/CVE-2023-20160,Cisco Small Business Series Switches Buffer Overflow Vulnerabilities,"The web-based user interface of certain Cisco Small Business Series Switches is susceptible to multiple vulnerabilities that allow unauthenticated remote attackers to potentially execute arbitrary code with root privileges or trigger a denial of service (DoS). The root cause of these issues is improper validation of requests to the web interface, highlighting a critical weakness in the device's security that must be addressed to prevent exploitation.
Detailed insights into these vulnerabilities are available in the advisory linked.",Cisco,Cisco Small Business Smart And Managed Switches,8.6,HIGH,0.002199999988079071,false,,false,false,true,2024-10-28T17:15:06.000Z,,false,false,,2023-05-18T03:15:00.000Z,0
CVE-2023-20161,https://securityvulnerability.io/vulnerability/CVE-2023-20161,Cisco Small Business Series Switches Buffer Overflow Vulnerabilities,"Several vulnerabilities in the web-based user interface of Cisco Small Business Series Switches could allow unauthenticated attackers to trigger a denial of service condition or execute arbitrary code with root privileges. These issues arise from inadequate validation of requests made to the web interface, which can be exploited to compromise device security. For further details, refer to the Cisco advisory linked below.",Cisco,Cisco Small Business Smart And Managed Switches,8.6,HIGH,0.002199999988079071,false,,false,false,true,2024-10-28T17:15:06.000Z,,false,false,,2023-05-18T03:15:00.000Z,0
CVE-2023-20024,https://securityvulnerability.io/vulnerability/CVE-2023-20024,Cisco Small Business Series Switches Buffer Overflow Vulnerabilities,"Cisco Small Business Series Switches have multiple vulnerabilities in their web-based user interface, enabling unauthenticated remote attackers to trigger a denial of service (DoS) condition or execute arbitrary code with root privileges. These vulnerabilities arise from improper validation of requests sent to the web interface, posing serious risks to network security.
Organizations using these switches should consult the vendor's advisory for mitigation strategies and updates.",Cisco,Cisco Small Business Smart And Managed Switches,8.6,HIGH,0.0009399999980814755,false,,false,false,true,2024-10-28T17:15:04.000Z,,false,false,,2023-05-18T03:15:00.000Z,0
CVE-2023-20158,https://securityvulnerability.io/vulnerability/CVE-2023-20158,Cisco Small Business Series Switches Buffer Overflow Vulnerabilities,"Multiple vulnerabilities within the web-based user interface of specific Cisco Small Business Series Switches allow unauthenticated remote attackers to exploit improper request validation. This exploitation can lead to denial of service (DoS) conditions or the execution of arbitrary code with root privileges. The vulnerabilities arise from the failure to adequately validate incoming requests directed at the device's web interface. For more detailed information, refer to the Cisco advisory detailing these issues.",Cisco,Cisco Small Business Smart And Managed Switches,8.6,HIGH,0.002199999988079071,false,,false,false,true,2024-10-28T17:15:06.000Z,,false,false,,2023-05-18T03:15:00.000Z,0
CVE-2021-40127,https://securityvulnerability.io/vulnerability/CVE-2021-40127,"Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Interface Denial of Service Vulnerability","A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed Switches could allow an unauthenticated, remote attacker to render the web-based management interface unusable, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device.
A successful exploit could allow the attacker to cause a permanent invalid redirect for requests sent to the web-based management interface of the device, resulting in a DoS condition.",Cisco,Cisco Small Business Smart And Managed Switches,5.3,MEDIUM,0.0010600000387057662,false,,false,false,true,2024-08-04T03:16:55.000Z,,false,false,,2021-11-04T16:15:00.000Z,0
CVE-2021-34739,https://securityvulnerability.io/vulnerability/CVE-2021-34739,Cisco Small Business Series Switches Session Credentials Replay Vulnerability,"A vulnerability in the web-based management interface of multiple Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to replay valid user session credentials and gain unauthorized access to the web-based management interface of an affected device. This vulnerability is due to insufficient expiration of session credentials. An attacker could exploit this vulnerability by conducting a man-in-the-middle attack against an affected device to intercept valid session credentials and then replaying the intercepted credentials toward the same device at a later time. A successful exploit could allow the attacker to access the web-based management interface with administrator privileges.",Cisco,Cisco Small Business Smart And Managed Switches,8.1,HIGH,0.0029299999587237835,false,,false,false,true,2024-08-04T02:15:22.000Z,,false,false,,2021-11-04T16:15:00.000Z,0