Details of VAR-202305-1743

ID

VAR-202305-1743

CVE

CVE-2023-20024

TITLE

Classic Buffer Overflow Vulnerability in Multiple Cisco Systems Products

Trust: 0.8

sources: JVNDB: JVNDB-2023-011047

DESCRIPTION

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. Business 250-16p-2g firmware, Business 250-16t-2g firmware, Business 250-24fp-4g Classic buffer overflow vulnerabilities exist in multiple Cisco Systems products, including firmware.Service operation interruption (DoS) It may be in a state. Cisco Small Business Series Switches are switch products of the American company Cisco. Cisco Small Business Series Switches have a heap buffer overflow vulnerability

Trust: 2.25

sources: NVD: CVE-2023-20024 // JVNDB: JVNDB-2023-011047 // CNVD: CNVD-2023-85954 // VULMON: CVE-2023-20024

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2023-85954

AFFECTED PRODUCTS

vendor:	cisco	model:	business 350-48p-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350xg-48t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-52	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-48mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-10mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-10fp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-28pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-24t-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-48p-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24s-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-48t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-20	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-52p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-18	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-24pd	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8fp-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-10	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-48mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-24t-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-24mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf352-08mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-10mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-10	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-48ngp-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-48t-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-50hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-50p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24fp-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200e48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-28mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-48mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-48p-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8t-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24t-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-48mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-28p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg355-10mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10sfp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8p-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500xg-8f8t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-50p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-26	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-48mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200e-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-16t-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24xt	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-48fp-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-28mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-8t-d	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200e-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-48t-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200e-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-28pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-50p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-24pv	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-52pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-24fp-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-16t-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-48pp-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-28sfp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-24pp-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-48mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-50	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf352-08p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-8t-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-28sfp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350xg-2f10	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24mgp-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-16p-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-12pmv	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-8fp-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-24mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-24p-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-12np-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-24mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-48p-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-52p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-48pv	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-8pmd	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-12xs	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350xg-24t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-52mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-48xt-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-10sfp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-48hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-28p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8s-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-26p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-08hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-50	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-26hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-48hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x24mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-24mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8mgp-2x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-48t-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-20	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24fp-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350xg-24f	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-26p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-18p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8xt	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-16p-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-18	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-24mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-24mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-28p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-8pp-d	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24xs	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-8mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-24mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-08p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550xg-8f8t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-16xts	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-52mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-48fp-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-26	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-28mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf355-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-8pp-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-28mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550xg-48t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24p-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf302-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-08hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-26	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-16fp-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-16t-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24xts	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24t-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf352-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg355-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-52	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-16p-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-28	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf302-08mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-26hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550xg-24t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-28	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-50fp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500xg8f8t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-28	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200e-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-24p-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-18	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-26fp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-24pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-48t-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-50hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-48mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-28p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-24mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-8pd	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-12xt	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200-24fp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-28	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-48pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8fp-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf302-08pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24ngp-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-52p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-24fp-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-8p-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-26p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8mp-2x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24p-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-50	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8p-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550xg-24f	scope:	eq	version:	-	Trust: 1.0
vendor:	シスコシステムズ	model:	business 250-24p-4x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-8fp-e-2g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-16p-2g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-8p-e-2g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-48pp-4g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-24fp-4g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-8pp-d	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-24pp-4g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-24t-4x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-16t-2g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-48p-4g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-8t-e-2g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-24fp-4x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-48t-4g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-24p-4g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-24t-4g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-48t-4x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-8t-d	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-48p-4x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-8pp-e-2g	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	small business series switches	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2023-85954 // JVNDB: JVNDB-2023-011047 // NVD: CVE-2023-20024

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2023-20024
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2023-20024
value:	HIGH
Trust: 1.0
NVD:	CVE-2023-20024
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2023-85954
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202305-1727
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2023-85954
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2023-20024
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2023-20024
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.1
Trust: 1.0
NVD:	CVE-2023-20024
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2023-85954 // JVNDB: JVNDB-2023-011047 // CNNVD: CNNVD-202305-1727 // NVD: CVE-2023-20024 // NVD: CVE-2023-20024

PROBLEMTYPE DATA

problemtype:	CWE-120	Trust: 1.0
problemtype:	Classic buffer overflow (CWE-120) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-011047 // NVD: CVE-2023-20024

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202305-1727

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202305-1727

PATCH

title:	cisco-sa-sg-web-multi-S9g4Nkgv	url:	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg-web-multi-S9g4Nkgv	Trust: 0.8
title:	Patch for Heap Buffer Overflow Vulnerability in Cisco Small Business Series Switches	url:	https://www.cnvd.org.cn/patchInfo/show/478341	Trust: 0.6
title:	Cisco Small Business Security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=239223	Trust: 0.6
title:	Cisco: Cisco Small Business Series Switches Buffer Overflow Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-sg-web-multi-S9g4Nkgv	Trust: 0.1

sources: CNVD: CNVD-2023-85954 // VULMON: CVE-2023-20024 // JVNDB: JVNDB-2023-011047 // CNNVD: CNNVD-202305-1727

EXTERNAL IDS

db:	NVD	id:	CVE-2023-20024	Trust: 3.9
db:	JVNDB	id:	JVNDB-2023-011047	Trust: 0.8
db:	CNVD	id:	CNVD-2023-85954	Trust: 0.6
db:	AUSCERT	id:	ESB-2023.2892	Trust: 0.6
db:	CNNVD	id:	CNNVD-202305-1727	Trust: 0.6
db:	VULMON	id:	CVE-2023-20024	Trust: 0.1

sources: CNVD: CNVD-2023-85954 // VULMON: CVE-2023-20024 // JVNDB: JVNDB-2023-011047 // CNNVD: CNNVD-202305-1727 // NVD: CVE-2023-20024

REFERENCES

url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sg-web-multi-s9g4nkgv	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2023-20024	Trust: 1.4
url:	https://www.auscert.org.au/bulletins/esb-2023.2892	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2023-20024/	Trust: 0.6
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2023-85954 // VULMON: CVE-2023-20024 // JVNDB: JVNDB-2023-011047 // CNNVD: CNNVD-202305-1727 // NVD: CVE-2023-20024

SOURCES

db:	CNVD	id:	CNVD-2023-85954
db:	VULMON	id:	CVE-2023-20024
db:	JVNDB	id:	JVNDB-2023-011047
db:	CNNVD	id:	CNNVD-202305-1727
db:	NVD	id:	CVE-2023-20024

LAST UPDATE DATE

2024-08-14T13:20:43.965000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2023-85954	date:	2023-11-14T00:00:00
db:	VULMON	id:	CVE-2023-20024	date:	2023-05-18T00:00:00
db:	JVNDB	id:	JVNDB-2023-011047	date:	2023-12-12T05:23:00
db:	CNNVD	id:	CNNVD-202305-1727	date:	2023-05-29T00:00:00
db:	NVD	id:	CVE-2023-20024	date:	2023-11-07T04:05:46.733

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2023-85954	date:	2023-11-12T00:00:00
db:	VULMON	id:	CVE-2023-20024	date:	2023-05-18T00:00:00
db:	JVNDB	id:	JVNDB-2023-011047	date:	2023-12-12T00:00:00
db:	CNNVD	id:	CNNVD-202305-1727	date:	2023-05-18T00:00:00
db:	NVD	id:	CVE-2023-20024	date:	2023-05-18T03:15:09.590