ID

VAR-202305-1746


CVE

CVE-2023-20161


TITLE

Classic Buffer Overflow Vulnerability in Multiple Cisco Systems Products

Trust: 0.8

sources: JVNDB: JVNDB-2023-011167

DESCRIPTION

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. Business 250-16p-2g firmware, Business 250-16t-2g firmware, Business 250-24fp-4g Classic buffer overflow vulnerabilities exist in multiple Cisco Systems products, including firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Cisco Small Business is a switch of Cisco (Cisco)

Trust: 2.25

sources: NVD: CVE-2023-20161 // JVNDB: JVNDB-2023-011167 // CNVD: CNVD-2023-40906 // VULMON: CVE-2023-20161

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2023-40906

AFFECTED PRODUCTS

vendor:ciscomodel:business 350-48p-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350xg-48tscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf300-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-52scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf550x-48mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-10mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-10pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf550x-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250x-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-10fpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250x-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-28ppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-24t-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-48p-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24s-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550x-48tscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-20scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350-10pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500-52pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf500-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-18scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-08scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-24pdscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf300-08scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500x-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8fp-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350-10scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500x-48mppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-10ppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-24t-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550x-24mppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf352-08mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350-10mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-10scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-48ngp-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf500-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-48t-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-50hpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550x-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-50pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24fp-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200e48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-28mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550x-48mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf550x-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-48p-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8t-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf550x-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24t-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-48mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-28pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg355-10mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-10sfpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8p-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500xg-8f8tscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250x-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-50pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-26scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf500-48mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-08scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250x-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200e-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-16t-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24xtscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-10mppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-48fp-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350-28mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-8t-dscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200e-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250x-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-48t-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-10mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200e-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500-28ppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-50pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-24pvscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500-52ppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-24fp-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-16t-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-48pp-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-28sfpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-24pp-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500x-48mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-50scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf352-08pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-8t-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-28sfpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350xg-2f10scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24mgp-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-16p-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-12pmvscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500x-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-8fp-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf300-24mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-24p-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-12np-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf500-24mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-48p-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-52pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-48pvscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-8pmdscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-12xsscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350xg-24tscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-52mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-48xt-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-10sfpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf500-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250x-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-48hpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500-28pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8s-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-26pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-08hpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-08scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-50scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550x-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-26hpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf300-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-48hpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500x24mppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500x-24mppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8mgp-2xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-48t-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-20scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24fp-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350xg-24fscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-10pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-26pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf500-18pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8xtscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-16p-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-18scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf550x-24mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-10scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-24mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350-28pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-8pp-dscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24xsscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf500-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-8mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-10pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550x-24mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-08pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550xg-8f8tscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-16xtsscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250x-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-08scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-52mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-48fp-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-26scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500-28mppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf355-10pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-8pp-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-28mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550x-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550xg-48tscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24p-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf302-08scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf300-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-08hpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-26scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-16fp-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf550x-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350x-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-16t-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24xtsscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24t-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf352-08scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg355-10pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-10pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-52scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-16p-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg350-28scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf302-08mppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-26hpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550xg-24tscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550x-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg300-28scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-50fpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500xg8f8tscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-28scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200e-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-24p-4gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500x-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-18scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg200-26fpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf300-24ppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-48t-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-50hpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-48mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-28pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-24mpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-8pdscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-12xtscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf300-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200-24fpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500-28scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf300-48ppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8fp-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf302-08ppscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf200-48scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24ngp-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf350-52pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-24fp-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 250-8p-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250x-24pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-26pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8mp-2xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sf250-24scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-24p-4xscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg250-50scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:business 350-8p-e-2gscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg500x-48pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:sg550xg-24fscope:eqversion: -

Trust: 1.0

vendor:シスコシステムズmodel:business 250-24p-4xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-8fp-e-2gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-16p-2gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-8p-e-2gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-48pp-4gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-24fp-4gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-8pp-dscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-24pp-4gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-24t-4xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-16t-2gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-48p-4gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-8t-e-2gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-24fp-4xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-48t-4gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-24p-4gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-24t-4gscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-48t-4xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-8t-dscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-48p-4xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:business 250-8pp-e-2gscope: - version: -

Trust: 0.8

vendor:ciscomodel:series smart switchesscope:eqversion:250<=2.5.9.15

Trust: 0.6

vendor:ciscomodel:series managed switchesscope:eqversion:350<=2.5.9.15

Trust: 0.6

vendor:ciscomodel:series stackable managed switchesscope:eqversion:350x<=2.5.9.15

Trust: 0.6

vendor:ciscomodel:series stackable managed switchesscope:eqversion:550x<=2.5.9.15

Trust: 0.6

vendor:ciscomodel:business series smart switchesscope:eqversion:250<=3.3.0.15

Trust: 0.6

vendor:ciscomodel:business series managed switchesscope:eqversion:350<=3.3.0.15

Trust: 0.6

vendor:ciscomodel:small business series smart switchesscope:eqversion:200<=2.5.9.15

Trust: 0.6

vendor:ciscomodel:small business series managed switchesscope:eqversion:300<=2.5.9.15

Trust: 0.6

vendor:ciscomodel:small business series stackable managed switchesscope:eqversion:500<=2.5.9.15

Trust: 0.6

sources: CNVD: CNVD-2023-40906 // JVNDB: JVNDB-2023-011167 // NVD: CVE-2023-20161

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-20161
value: CRITICAL

Trust: 1.0

ykramarz@cisco.com: CVE-2023-20161
value: HIGH

Trust: 1.0

NVD: CVE-2023-20161
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2023-40906
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202305-1733
value: CRITICAL

Trust: 0.6

CNVD: CNVD-2023-40906
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2023-20161
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2023-20161
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.1

Trust: 1.0

NVD: CVE-2023-20161
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2023-40906 // JVNDB: JVNDB-2023-011167 // CNNVD: CNNVD-202305-1733 // NVD: CVE-2023-20161 // NVD: CVE-2023-20161

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.0

problemtype:Classic buffer overflow (CWE-120) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-011167 // NVD: CVE-2023-20161

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202305-1733

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202305-1733

PATCH

title:cisco-sa-sg-web-multi-S9g4Nkgvurl:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg-web-multi-S9g4Nkgv

Trust: 0.8

title:Patch for Cisco Small Business Denial of Service Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/429251

Trust: 0.6

title:Cisco Small Business Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=239229

Trust: 0.6

title:Cisco: Cisco Small Business Series Switches Buffer Overflow Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-sg-web-multi-S9g4Nkgv

Trust: 0.1

title: - url:https://www.theregister.co.uk/2023/05/18/cisco_patches_small_biz_switches/

Trust: 0.1

sources: CNVD: CNVD-2023-40906 // VULMON: CVE-2023-20161 // JVNDB: JVNDB-2023-011167 // CNNVD: CNNVD-202305-1733

EXTERNAL IDS

db:NVDid:CVE-2023-20161

Trust: 3.9

db:JVNDBid:JVNDB-2023-011167

Trust: 0.8

db:CNVDid:CNVD-2023-40906

Trust: 0.6

db:AUSCERTid:ESB-2023.2892

Trust: 0.6

db:CNNVDid:CNNVD-202305-1733

Trust: 0.6

db:VULMONid:CVE-2023-20161

Trust: 0.1

sources: CNVD: CNVD-2023-40906 // VULMON: CVE-2023-20161 // JVNDB: JVNDB-2023-011167 // CNNVD: CNNVD-202305-1733 // NVD: CVE-2023-20161

REFERENCES

url:https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sg-web-multi-s9g4nkgv

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-20161

Trust: 1.4

url:https://cxsecurity.com/cveshow/cve-2023-20161/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.2892

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.theregister.co.uk/2023/05/18/cisco_patches_small_biz_switches/

Trust: 0.1

sources: CNVD: CNVD-2023-40906 // VULMON: CVE-2023-20161 // JVNDB: JVNDB-2023-011167 // CNNVD: CNNVD-202305-1733 // NVD: CVE-2023-20161

SOURCES

db:CNVDid:CNVD-2023-40906
db:VULMONid:CVE-2023-20161
db:JVNDBid:JVNDB-2023-011167
db:CNNVDid:CNNVD-202305-1733
db:NVDid:CVE-2023-20161

LAST UPDATE DATE

2024-08-14T13:20:44.036000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2023-40906date:2023-05-24T00:00:00
db:VULMONid:CVE-2023-20161date:2023-05-18T00:00:00
db:JVNDBid:JVNDB-2023-011167date:2023-12-12T07:25:00
db:CNNVDid:CNNVD-202305-1733date:2023-05-29T00:00:00
db:NVDid:CVE-2023-20161date:2023-11-07T04:06:19.453

SOURCES RELEASE DATE

db:CNVDid:CNVD-2023-40906date:2023-05-24T00:00:00
db:VULMONid:CVE-2023-20161date:2023-05-18T00:00:00
db:JVNDBid:JVNDB-2023-011167date:2023-12-12T00:00:00
db:CNNVDid:CNNVD-202305-1733date:2023-05-18T00:00:00
db:NVDid:CVE-2023-20161date:2023-05-18T03:15:10.337