ID

VAR-202305-1743


CVE

CVE-2023-20024


TITLE

Classic Buffer Overflow Vulnerability in Multiple Cisco Systems Products

Trust: 0.8

sources: JVNDB: JVNDB-2023-011047

DESCRIPTION

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. Business 250-16p-2g firmware, Business 250-16t-2g firmware, Business 250-24fp-4g Classic buffer overflow vulnerabilities exist in multiple Cisco Systems products, including firmware.Service operation interruption (DoS) It may be in a state. Cisco Small Business Series Switches are switch products of the American company Cisco. Cisco Small Business Series Switches have a heap buffer overflow vulnerability

Trust: 2.25

sources: NVD: CVE-2023-20024 // JVNDB: JVNDB-2023-011047 // CNVD: CNVD-2023-85954 // VULMON: CVE-2023-20024

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2023-85954

AFFECTED PRODUCTS

vendor:ciscomodel:business 350-48p-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350xg-48tscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf300-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-52scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf550x-48mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-10mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-10pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf550x-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250x-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-10fpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250x-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-28ppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-24t-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-48p-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24s-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550x-48tscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-20scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350-10pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500-52pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf500-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-18scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-08scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-24pdscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf300-08scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500x-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8fp-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350-10scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500x-48mppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-10ppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-24t-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550x-24mppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf352-08mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350-10mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-10scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-48ngp-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf500-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-48t-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-50hpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550x-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-50pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24fp-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200e48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-28mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550x-48mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf550x-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-48p-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8t-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf550x-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24t-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-48mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-28pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg355-10mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-10sfpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8p-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500xg-8f8tscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250x-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-50pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-26scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf500-48mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-08scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250x-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200e-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-16t-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24xtscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-10mppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-48fp-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350-28mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-8t-dscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200e-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250x-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-48t-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-10mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200e-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500-28ppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-50pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-24pvscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500-52ppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-24fp-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-16t-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-48pp-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-28sfpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-24pp-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500x-48mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-50scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf352-08pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-8t-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-28sfpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350xg-2f10scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24mgp-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-16p-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-12pmvscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500x-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-8fp-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf300-24mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-24p-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-12np-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf500-24mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-48p-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-52pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-48pvscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-8pmdscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-12xsscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350xg-24tscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-52mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-48xt-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-10sfpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf500-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250x-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-48hpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500-28pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8s-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-26pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-08hpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-08scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-50scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550x-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-26hpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf300-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-48hpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500x24mppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500x-24mppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8mgp-2xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-48t-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-20scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24fp-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350xg-24fscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-10pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-26pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf500-18pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8xtscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-16p-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-18scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf550x-24mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-10scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-24mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350-28pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-8pp-dscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24xsscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf500-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-8mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-10pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550x-24mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-08pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550xg-8f8tscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-16xtsscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250x-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-08scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-52mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-48fp-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-26scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500-28mppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf355-10pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-8pp-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-28mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550x-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550xg-48tscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24p-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf302-08scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf300-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-08hpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-26scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-16fp-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf550x-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-16t-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24xtsscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24t-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf352-08scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg355-10pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-10pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-52scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-16p-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350-28scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf302-08mppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-26hpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550xg-24tscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550x-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-28scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-50fpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500xg8f8tscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-28scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200e-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-24p-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500x-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-18scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-26fpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf300-24ppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-48t-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-50hpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-48mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-28pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-24mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-8pdscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-12xtscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf300-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200-24fpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500-28scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf300-48ppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8fp-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf302-08ppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24ngp-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-52pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-24fp-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-8p-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250x-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-26pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8mp-2xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24p-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-50scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8p-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500x-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550xg-24fscope:eqversion: -

Trust: 1.0

vendor:シスコシステムズmodel:business 250-24p-4xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-8fp-e-2gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-16p-2gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-8p-e-2gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-48pp-4gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-24fp-4gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-8pp-dscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-24pp-4gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-24t-4xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-16t-2gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-48p-4gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-8t-e-2gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-24fp-4xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-48t-4gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-24p-4gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-24t-4gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-48t-4xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-8t-dscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-48p-4xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-8pp-e-2gscope: - version: -

Trust: 0.8

vendor:ciscomodel:small business series switchesscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2023-85954 // JVNDB: JVNDB-2023-011047 // NVD: CVE-2023-20024

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-20024
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2023-20024
value: HIGH

Trust: 1.0

NVD: CVE-2023-20024
value: HIGH

Trust: 0.8

CNVD: CNVD-2023-85954
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202305-1727
value: HIGH

Trust: 0.6

CNVD: CNVD-2023-85954
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2023-20024
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2023-20024
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.1

Trust: 1.0

NVD: CVE-2023-20024
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2023-85954 // JVNDB: JVNDB-2023-011047 // CNNVD: CNNVD-202305-1727 // NVD: CVE-2023-20024 // NVD: CVE-2023-20024

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.0

problemtype:Classic buffer overflow (CWE-120) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-011047 // NVD: CVE-2023-20024

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202305-1727

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202305-1727

PATCH

title:cisco-sa-sg-web-multi-S9g4Nkgvurl:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg-web-multi-S9g4Nkgv

Trust: 0.8

title:Patch for Heap Buffer Overflow Vulnerability in Cisco Small Business Series Switchesurl:https://www.cnvd.org.cn/patchInfo/show/478341

Trust: 0.6

title:Cisco Small Business Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=239223

Trust: 0.6

title:Cisco: Cisco Small Business Series Switches Buffer Overflow Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-sg-web-multi-S9g4Nkgv

Trust: 0.1

sources: CNVD: CNVD-2023-85954 // VULMON: CVE-2023-20024 // JVNDB: JVNDB-2023-011047 // CNNVD: CNNVD-202305-1727

EXTERNAL IDS

db:NVDid:CVE-2023-20024

Trust: 3.9

db:JVNDBid:JVNDB-2023-011047

Trust: 0.8

db:CNVDid:CNVD-2023-85954

Trust: 0.6

db:AUSCERTid:ESB-2023.2892

Trust: 0.6

db:CNNVDid:CNNVD-202305-1727

Trust: 0.6

db:VULMONid:CVE-2023-20024

Trust: 0.1

sources: CNVD: CNVD-2023-85954 // VULMON: CVE-2023-20024 // JVNDB: JVNDB-2023-011047 // CNNVD: CNNVD-202305-1727 // NVD: CVE-2023-20024

REFERENCES

url:https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sg-web-multi-s9g4nkgv

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-20024

Trust: 1.4

url:https://www.auscert.org.au/bulletins/esb-2023.2892

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2023-20024/

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2023-85954 // VULMON: CVE-2023-20024 // JVNDB: JVNDB-2023-011047 // CNNVD: CNNVD-202305-1727 // NVD: CVE-2023-20024

SOURCES

db:CNVDid:CNVD-2023-85954
db:VULMONid:CVE-2023-20024
db:JVNDBid:JVNDB-2023-011047
db:CNNVDid:CNNVD-202305-1727
db:NVDid:CVE-2023-20024

LAST UPDATE DATE

2024-08-14T13:20:43.965000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2023-85954date:2023-11-14T00:00:00
db:VULMONid:CVE-2023-20024date:2023-05-18T00:00:00
db:JVNDBid:JVNDB-2023-011047date:2023-12-12T05:23:00
db:CNNVDid:CNNVD-202305-1727date:2023-05-29T00:00:00
db:NVDid:CVE-2023-20024date:2023-11-07T04:05:46.733

SOURCES RELEASE DATE

db:CNVDid:CNVD-2023-85954date:2023-11-12T00:00:00
db:VULMONid:CVE-2023-20024date:2023-05-18T00:00:00
db:JVNDBid:JVNDB-2023-011047date:2023-12-12T00:00:00
db:CNNVDid:CNNVD-202305-1727date:2023-05-18T00:00:00
db:NVDid:CVE-2023-20024date:2023-05-18T03:15:09.590