WID-SEC-W-2023-1239

Vulnerability from csaf_certbund - Published: 2023-05-18 22:00 - Updated: 2023-05-21 22:00
Summary
Cisco Small Business Switches: Mehrere Schwachstellen
Severity
Kritisch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Die Cisco Small Business Produktfamilie beinhaltet Netzwerk-, Kommunikations-, WLAN- und Sicherheitsprodukte, sowie Router und Switche.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Cisco Small Business Switches ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme: - CISCO Appliance
CVE-2023-20189

In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Pufferüberläufe in dem webbasierten User-Interface zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen oder einen Denial of Service Zustand herbeizuführen.

Affected products
Product Identifier Version Remediation
Cisco Small Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:250_series_smart_switches
Cisco Small Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350_series_managed_switches
Cisco Small Business Small Business 500 Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_500_series_stackable_managed_switches
Cisco Small Business Small Business 200 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_200_series_smart_switches
Cisco Small Business Small Business 300 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_300_series_managed_switches
Cisco Small Business Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_250_series_smart_switches
Cisco Small Business Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_350_series_managed_switches
Cisco Small Business 350X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350x_series_stackable_managed_switches
Cisco Small Business 550X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:550x_series_stackable_managed_switches
CVE-2023-20162

In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Pufferüberläufe in dem webbasierten User-Interface zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen oder einen Denial of Service Zustand herbeizuführen.

Affected products
Product Identifier Version Remediation
Cisco Small Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:250_series_smart_switches
Cisco Small Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350_series_managed_switches
Cisco Small Business Small Business 500 Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_500_series_stackable_managed_switches
Cisco Small Business Small Business 200 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_200_series_smart_switches
Cisco Small Business Small Business 300 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_300_series_managed_switches
Cisco Small Business Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_250_series_smart_switches
Cisco Small Business Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_350_series_managed_switches
Cisco Small Business 350X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350x_series_stackable_managed_switches
Cisco Small Business 550X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:550x_series_stackable_managed_switches
CVE-2023-20161

In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Pufferüberläufe in dem webbasierten User-Interface zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen oder einen Denial of Service Zustand herbeizuführen.

Affected products
Product Identifier Version Remediation
Cisco Small Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:250_series_smart_switches
Cisco Small Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350_series_managed_switches
Cisco Small Business Small Business 500 Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_500_series_stackable_managed_switches
Cisco Small Business Small Business 200 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_200_series_smart_switches
Cisco Small Business Small Business 300 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_300_series_managed_switches
Cisco Small Business Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_250_series_smart_switches
Cisco Small Business Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_350_series_managed_switches
Cisco Small Business 350X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350x_series_stackable_managed_switches
Cisco Small Business 550X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:550x_series_stackable_managed_switches
CVE-2023-20160

In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Pufferüberläufe in dem webbasierten User-Interface zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen oder einen Denial of Service Zustand herbeizuführen.

Affected products
Product Identifier Version Remediation
Cisco Small Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:250_series_smart_switches
Cisco Small Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350_series_managed_switches
Cisco Small Business Small Business 500 Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_500_series_stackable_managed_switches
Cisco Small Business Small Business 200 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_200_series_smart_switches
Cisco Small Business Small Business 300 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_300_series_managed_switches
Cisco Small Business Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_250_series_smart_switches
Cisco Small Business Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_350_series_managed_switches
Cisco Small Business 350X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350x_series_stackable_managed_switches
Cisco Small Business 550X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:550x_series_stackable_managed_switches
CVE-2023-20159

In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Pufferüberläufe in dem webbasierten User-Interface zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen oder einen Denial of Service Zustand herbeizuführen.

Affected products
Product Identifier Version Remediation
Cisco Small Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:250_series_smart_switches
Cisco Small Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350_series_managed_switches
Cisco Small Business Small Business 500 Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_500_series_stackable_managed_switches
Cisco Small Business Small Business 200 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_200_series_smart_switches
Cisco Small Business Small Business 300 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_300_series_managed_switches
Cisco Small Business Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_250_series_smart_switches
Cisco Small Business Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_350_series_managed_switches
Cisco Small Business 350X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350x_series_stackable_managed_switches
Cisco Small Business 550X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:550x_series_stackable_managed_switches
CVE-2023-20158

In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Pufferüberläufe in dem webbasierten User-Interface zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen oder einen Denial of Service Zustand herbeizuführen.

Affected products
Product Identifier Version Remediation
Cisco Small Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:250_series_smart_switches
Cisco Small Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350_series_managed_switches
Cisco Small Business Small Business 500 Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_500_series_stackable_managed_switches
Cisco Small Business Small Business 200 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_200_series_smart_switches
Cisco Small Business Small Business 300 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_300_series_managed_switches
Cisco Small Business Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_250_series_smart_switches
Cisco Small Business Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_350_series_managed_switches
Cisco Small Business 350X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350x_series_stackable_managed_switches
Cisco Small Business 550X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:550x_series_stackable_managed_switches
CVE-2023-20157

In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Pufferüberläufe in dem webbasierten User-Interface zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen oder einen Denial of Service Zustand herbeizuführen.

Affected products
Product Identifier Version Remediation
Cisco Small Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:250_series_smart_switches
Cisco Small Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350_series_managed_switches
Cisco Small Business Small Business 500 Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_500_series_stackable_managed_switches
Cisco Small Business Small Business 200 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_200_series_smart_switches
Cisco Small Business Small Business 300 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_300_series_managed_switches
Cisco Small Business Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_250_series_smart_switches
Cisco Small Business Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_350_series_managed_switches
Cisco Small Business 350X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350x_series_stackable_managed_switches
Cisco Small Business 550X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:550x_series_stackable_managed_switches
CVE-2023-20156

In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Pufferüberläufe in dem webbasierten User-Interface zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen oder einen Denial of Service Zustand herbeizuführen.

Affected products
Product Identifier Version Remediation
Cisco Small Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:250_series_smart_switches
Cisco Small Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350_series_managed_switches
Cisco Small Business Small Business 500 Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_500_series_stackable_managed_switches
Cisco Small Business Small Business 200 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_200_series_smart_switches
Cisco Small Business Small Business 300 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_300_series_managed_switches
Cisco Small Business Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_250_series_smart_switches
Cisco Small Business Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_350_series_managed_switches
Cisco Small Business 350X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350x_series_stackable_managed_switches
Cisco Small Business 550X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:550x_series_stackable_managed_switches
CVE-2023-20024

In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Pufferüberläufe in dem webbasierten User-Interface zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen oder einen Denial of Service Zustand herbeizuführen.

Affected products
Product Identifier Version Remediation
Cisco Small Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:250_series_smart_switches
Cisco Small Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350_series_managed_switches
Cisco Small Business Small Business 500 Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_500_series_stackable_managed_switches
Cisco Small Business Small Business 200 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_200_series_smart_switches
Cisco Small Business Small Business 300 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:small_business_300_series_managed_switches
Cisco Small Business Business 250 Series Smart Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_250_series_smart_switches
Cisco Small Business Business 350 Series Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:business_350_series_managed_switches
Cisco Small Business 350X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:350x_series_stackable_managed_switches
Cisco Small Business 550X Series Stackable Managed Switches
Cisco / Small Business
 cpe:/h:cisco:small_business:550x_series_stackable_managed_switches
References
To clipboard 

{
  "document": {
    "aggregate_severity": {
      "text": "kritisch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Die Cisco Small Business Produktfamilie beinhaltet Netzwerk-, Kommunikations-, WLAN- und Sicherheitsprodukte, sowie Router und Switche.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Cisco Small Business Switches ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren oder einen Denial of Service Zustand herbeizuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- CISCO Appliance",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-1239 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1239.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-1239 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1239"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisory CISCO-SA-SG-WEB-MULTI-S9G4NKGV vom 2023-05-18",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg-web-multi-S9g4Nkgv"
      }
    ],
    "source_lang": "en-US",
    "title": "Cisco Small Business Switches: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2023-05-21T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:51:04.787+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-1239",
      "initial_release_date": "2023-05-18T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-05-18T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-05-21T22:00:00.000+00:00",
          "number": "2",
          "summary": "Beschreibung pr\u00e4zisiert: Es sind nur Switches betroffen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Cisco Small Business 250 Series Smart Switches",
                "product": {
                  "name": "Cisco Small Business 250 Series Smart Switches",
                  "product_id": "T027780",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:small_business:250_series_smart_switches"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Cisco Small Business 350 Series Managed Switches",
                "product": {
                  "name": "Cisco Small Business 350 Series Managed Switches",
                  "product_id": "T027781",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:small_business:350_series_managed_switches"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Cisco Small Business 350X Series Stackable Managed Switches",
                "product": {
                  "name": "Cisco Small Business 350X Series Stackable Managed Switches",
                  "product_id": "T027782",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:small_business:350x_series_stackable_managed_switches"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Cisco Small Business 550X Series Stackable Managed Switches",
                "product": {
                  "name": "Cisco Small Business 550X Series Stackable Managed Switches",
                  "product_id": "T027783",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:small_business:550x_series_stackable_managed_switches"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Cisco Small Business Business 250 Series Smart Switches",
                "product": {
                  "name": "Cisco Small Business Business 250 Series Smart Switches",
                  "product_id": "T027784",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:small_business:business_250_series_smart_switches"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Cisco Small Business Business 350 Series Managed Switches",
                "product": {
                  "name": "Cisco Small Business Business 350 Series Managed Switches",
                  "product_id": "T027785",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:small_business:business_350_series_managed_switches"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Cisco Small Business Small Business 200 Series Smart Switches",
                "product": {
                  "name": "Cisco Small Business Small Business 200 Series Smart Switches",
                  "product_id": "T027786",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:small_business:small_business_200_series_smart_switches"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Cisco Small Business Small Business 300 Series Managed Switches",
                "product": {
                  "name": "Cisco Small Business Small Business 300 Series Managed Switches",
                  "product_id": "T027787",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:small_business:small_business_300_series_managed_switches"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Cisco Small Business Small Business 500 Series Stackable Managed Switches",
                "product": {
                  "name": "Cisco Small Business Small Business 500 Series Stackable Managed Switches",
                  "product_id": "T027788",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:small_business:small_business_500_series_stackable_managed_switches"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Small Business"
          }
        ],
        "category": "vendor",
        "name": "Cisco"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-20189",
      "notes": [
        {
          "category": "description",
          "text": "In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Puffer\u00fcberl\u00e4ufe in dem webbasierten User-Interface zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027780",
          "T027781",
          "T027788",
          "T027786",
          "T027787",
          "T027784",
          "T027785",
          "T027782",
          "T027783"
        ]
      },
      "release_date": "2023-05-18T22:00:00.000+00:00",
      "title": "CVE-2023-20189"
    },
    {
      "cve": "CVE-2023-20162",
      "notes": [
        {
          "category": "description",
          "text": "In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Puffer\u00fcberl\u00e4ufe in dem webbasierten User-Interface zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027780",
          "T027781",
          "T027788",
          "T027786",
          "T027787",
          "T027784",
          "T027785",
          "T027782",
          "T027783"
        ]
      },
      "release_date": "2023-05-18T22:00:00.000+00:00",
      "title": "CVE-2023-20162"
    },
    {
      "cve": "CVE-2023-20161",
      "notes": [
        {
          "category": "description",
          "text": "In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Puffer\u00fcberl\u00e4ufe in dem webbasierten User-Interface zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027780",
          "T027781",
          "T027788",
          "T027786",
          "T027787",
          "T027784",
          "T027785",
          "T027782",
          "T027783"
        ]
      },
      "release_date": "2023-05-18T22:00:00.000+00:00",
      "title": "CVE-2023-20161"
    },
    {
      "cve": "CVE-2023-20160",
      "notes": [
        {
          "category": "description",
          "text": "In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Puffer\u00fcberl\u00e4ufe in dem webbasierten User-Interface zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027780",
          "T027781",
          "T027788",
          "T027786",
          "T027787",
          "T027784",
          "T027785",
          "T027782",
          "T027783"
        ]
      },
      "release_date": "2023-05-18T22:00:00.000+00:00",
      "title": "CVE-2023-20160"
    },
    {
      "cve": "CVE-2023-20159",
      "notes": [
        {
          "category": "description",
          "text": "In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Puffer\u00fcberl\u00e4ufe in dem webbasierten User-Interface zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027780",
          "T027781",
          "T027788",
          "T027786",
          "T027787",
          "T027784",
          "T027785",
          "T027782",
          "T027783"
        ]
      },
      "release_date": "2023-05-18T22:00:00.000+00:00",
      "title": "CVE-2023-20159"
    },
    {
      "cve": "CVE-2023-20158",
      "notes": [
        {
          "category": "description",
          "text": "In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Puffer\u00fcberl\u00e4ufe in dem webbasierten User-Interface zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027780",
          "T027781",
          "T027788",
          "T027786",
          "T027787",
          "T027784",
          "T027785",
          "T027782",
          "T027783"
        ]
      },
      "release_date": "2023-05-18T22:00:00.000+00:00",
      "title": "CVE-2023-20158"
    },
    {
      "cve": "CVE-2023-20157",
      "notes": [
        {
          "category": "description",
          "text": "In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Puffer\u00fcberl\u00e4ufe in dem webbasierten User-Interface zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027780",
          "T027781",
          "T027788",
          "T027786",
          "T027787",
          "T027784",
          "T027785",
          "T027782",
          "T027783"
        ]
      },
      "release_date": "2023-05-18T22:00:00.000+00:00",
      "title": "CVE-2023-20157"
    },
    {
      "cve": "CVE-2023-20156",
      "notes": [
        {
          "category": "description",
          "text": "In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Puffer\u00fcberl\u00e4ufe in dem webbasierten User-Interface zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027780",
          "T027781",
          "T027788",
          "T027786",
          "T027787",
          "T027784",
          "T027785",
          "T027782",
          "T027783"
        ]
      },
      "release_date": "2023-05-18T22:00:00.000+00:00",
      "title": "CVE-2023-20156"
    },
    {
      "cve": "CVE-2023-20024",
      "notes": [
        {
          "category": "description",
          "text": "In verschiedenen Switches der Cisco Small Business Reihe existieren mehrere Schwachstellen. Diese sind auf einige Puffer\u00fcberl\u00e4ufe in dem webbasierten User-Interface zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T027780",
          "T027781",
          "T027788",
          "T027786",
          "T027787",
          "T027784",
          "T027785",
          "T027782",
          "T027783"
        ]
      },
      "release_date": "2023-05-18T22:00:00.000+00:00",
      "title": "CVE-2023-20024"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.