Details of VAR-202305-1746

ID

VAR-202305-1746

CVE

CVE-2023-20161

TITLE

Classic Buffer Overflow Vulnerability in Multiple Cisco Systems Products

Trust: 0.8

sources: JVNDB: JVNDB-2023-011167

DESCRIPTION

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory. Business 250-16p-2g firmware, Business 250-16t-2g firmware, Business 250-24fp-4g Classic buffer overflow vulnerabilities exist in multiple Cisco Systems products, including firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Cisco Small Business is a switch of Cisco (Cisco)

Trust: 2.25

sources: NVD: CVE-2023-20161 // JVNDB: JVNDB-2023-011167 // CNVD: CNVD-2023-40906 // VULMON: CVE-2023-20161

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2023-40906

AFFECTED PRODUCTS

vendor:	cisco	model:	business 350-48p-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350xg-48t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-52	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-48mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-10mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-10fp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-28pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-24t-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-48p-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24s-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-48t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-20	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-52p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-18	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-24pd	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8fp-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-10	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-48mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-24t-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-24mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf352-08mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-10mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-10	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-48ngp-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-48t-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-50hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-50p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24fp-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200e48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-28mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-48mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-48p-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8t-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24t-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-48mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-28p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg355-10mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10sfp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8p-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500xg-8f8t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-50p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-26	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-48mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200e-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-16t-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24xt	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-48fp-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-28mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-8t-d	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200e-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-48t-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200e-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-28pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-50p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-24pv	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-52pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-24fp-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-16t-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-48pp-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-28sfp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-24pp-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-48mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-50	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf352-08p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-8t-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-28sfp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350xg-2f10	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24mgp-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-16p-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-12pmv	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-8fp-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-24mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-24p-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-12np-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-24mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-48p-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-52p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-48pv	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-8pmd	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-12xs	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350xg-24t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-52mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-48xt-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-10sfp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-48hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-28p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8s-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-26p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-08hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-50	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-26hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-48hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x24mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-24mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8mgp-2x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-48t-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-20	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24fp-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350xg-24f	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-26p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-18p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8xt	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-16p-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-18	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-24mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-24mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-28p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-8pp-d	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24xs	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf500-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-8mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-24mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-08p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550xg-8f8t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-16xts	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-52mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-48fp-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-26	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-28mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf355-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-8pp-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-28mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550xg-48t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24p-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf302-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-08hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-26	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-16fp-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf550x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-16t-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24xts	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24t-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf352-08	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg355-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-10p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-52	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-16p-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg350-28	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf302-08mpp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-26hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550xg-24t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550x-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg300-28	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-50fp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500xg8f8t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-28	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200e-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-24p-4g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-18	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg200-26fp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-24pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-48t-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-50hp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-48mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-28p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-24mp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-8pd	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-12xt	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200-24fp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500-28	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf300-48pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8fp-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf302-08pp	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf200-48	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24ngp-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf350-52p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-24fp-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 250-8p-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250x-24p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-26p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8mp-2x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sf250-24	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-24p-4x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg250-50	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	business 350-8p-e-2g	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg500x-48p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	sg550xg-24f	scope:	eq	version:	-	Trust: 1.0
vendor:	シスコシステムズ	model:	business 250-24p-4x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-8fp-e-2g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-16p-2g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-8p-e-2g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-48pp-4g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-24fp-4g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-8pp-d	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-24pp-4g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-24t-4x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-16t-2g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-48p-4g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-8t-e-2g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-24fp-4x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-48t-4g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-24p-4g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-24t-4g	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-48t-4x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-8t-d	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-48p-4x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	business 250-8pp-e-2g	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	series smart switches	scope:	eq	version:	250<=2.5.9.15	Trust: 0.6
vendor:	cisco	model:	series managed switches	scope:	eq	version:	350<=2.5.9.15	Trust: 0.6
vendor:	cisco	model:	series stackable managed switches	scope:	eq	version:	350x<=2.5.9.15	Trust: 0.6
vendor:	cisco	model:	series stackable managed switches	scope:	eq	version:	550x<=2.5.9.15	Trust: 0.6
vendor:	cisco	model:	business series smart switches	scope:	eq	version:	250<=3.3.0.15	Trust: 0.6
vendor:	cisco	model:	business series managed switches	scope:	eq	version:	350<=3.3.0.15	Trust: 0.6
vendor:	cisco	model:	small business series smart switches	scope:	eq	version:	200<=2.5.9.15	Trust: 0.6
vendor:	cisco	model:	small business series managed switches	scope:	eq	version:	300<=2.5.9.15	Trust: 0.6
vendor:	cisco	model:	small business series stackable managed switches	scope:	eq	version:	500<=2.5.9.15	Trust: 0.6

sources: CNVD: CNVD-2023-40906 // JVNDB: JVNDB-2023-011167 // NVD: CVE-2023-20161

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2023-20161
value:	CRITICAL
Trust: 1.0
ykramarz@cisco.com:	CVE-2023-20161
value:	HIGH
Trust: 1.0
NVD:	CVE-2023-20161
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2023-40906
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202305-1733
value:	CRITICAL
Trust: 0.6

CNVD:	CNVD-2023-40906
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2023-20161
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2023-20161
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.1
Trust: 1.0
NVD:	CVE-2023-20161
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2023-40906 // JVNDB: JVNDB-2023-011167 // CNNVD: CNNVD-202305-1733 // NVD: CVE-2023-20161 // NVD: CVE-2023-20161

PROBLEMTYPE DATA

problemtype:	CWE-120	Trust: 1.0
problemtype:	Classic buffer overflow (CWE-120) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-011167 // NVD: CVE-2023-20161

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202305-1733

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202305-1733

PATCH

title:	cisco-sa-sg-web-multi-S9g4Nkgv	url:	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg-web-multi-S9g4Nkgv	Trust: 0.8
title:	Patch for Cisco Small Business Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/429251	Trust: 0.6
title:	Cisco Small Business Security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=239229	Trust: 0.6
title:	Cisco: Cisco Small Business Series Switches Buffer Overflow Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-sg-web-multi-S9g4Nkgv	Trust: 0.1
title:	-	url:	https://www.theregister.co.uk/2023/05/18/cisco_patches_small_biz_switches/	Trust: 0.1

sources: CNVD: CNVD-2023-40906 // VULMON: CVE-2023-20161 // JVNDB: JVNDB-2023-011167 // CNNVD: CNNVD-202305-1733

EXTERNAL IDS

db:	NVD	id:	CVE-2023-20161	Trust: 3.9
db:	JVNDB	id:	JVNDB-2023-011167	Trust: 0.8
db:	CNVD	id:	CNVD-2023-40906	Trust: 0.6
db:	AUSCERT	id:	ESB-2023.2892	Trust: 0.6
db:	CNNVD	id:	CNNVD-202305-1733	Trust: 0.6
db:	VULMON	id:	CVE-2023-20161	Trust: 0.1

sources: CNVD: CNVD-2023-40906 // VULMON: CVE-2023-20161 // JVNDB: JVNDB-2023-011167 // CNNVD: CNNVD-202305-1733 // NVD: CVE-2023-20161

REFERENCES

url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sg-web-multi-s9g4nkgv	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2023-20161	Trust: 1.4
url:	https://cxsecurity.com/cveshow/cve-2023-20161/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2023.2892	Trust: 0.6
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.theregister.co.uk/2023/05/18/cisco_patches_small_biz_switches/	Trust: 0.1

sources: CNVD: CNVD-2023-40906 // VULMON: CVE-2023-20161 // JVNDB: JVNDB-2023-011167 // CNNVD: CNNVD-202305-1733 // NVD: CVE-2023-20161

SOURCES

db:	CNVD	id:	CNVD-2023-40906
db:	VULMON	id:	CVE-2023-20161
db:	JVNDB	id:	JVNDB-2023-011167
db:	CNNVD	id:	CNNVD-202305-1733
db:	NVD	id:	CVE-2023-20161

LAST UPDATE DATE

2024-08-14T13:20:44.036000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2023-40906	date:	2023-05-24T00:00:00
db:	VULMON	id:	CVE-2023-20161	date:	2023-05-18T00:00:00
db:	JVNDB	id:	JVNDB-2023-011167	date:	2023-12-12T07:25:00
db:	CNNVD	id:	CNNVD-202305-1733	date:	2023-05-29T00:00:00
db:	NVD	id:	CVE-2023-20161	date:	2023-11-07T04:06:19.453

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2023-40906	date:	2023-05-24T00:00:00
db:	VULMON	id:	CVE-2023-20161	date:	2023-05-18T00:00:00
db:	JVNDB	id:	JVNDB-2023-011167	date:	2023-12-12T00:00:00
db:	CNNVD	id:	CNNVD-202305-1733	date:	2023-05-18T00:00:00
db:	NVD	id:	CVE-2023-20161	date:	2023-05-18T03:15:10.337