AttackerKBAKB:545B5E8F-CB7E-4356-8B5D-A2118668272ACVE-2019-1892
EPSS
Percentile
52.6%
Cisco Small Business 200/300/500 Series Managed Switch HTTPS validation allows a memory corruption (DoS)
Recent assessments:
bwatters-r7 at July 09, 2019 5:54pm UTC reported:
This is a memory corruption vulnerability that allows an attacker to send a malformed HTTPS packet, which will then generate the corruption. At this time, there are no reports that the memory corruption will result in remote code execution, just a Denial of Service.
These switches are not Ciscoβs flagship products, so distribution will be limited, though that also means they are likely to be in locations without robust IT support, and upgrading the software on a core switch can be daunting and may have unanticipated consequences to the configuration, especially for novices.
While the surface area for attack is limited, this will likely retain a longer shelf life. It requires that HTTPS be enabled on the switch, which should be done to prevent eavesdropping, anyway.
Mitigations are fairly straight-forward; it is not a great practice to allow access to critical infrastructure configuration ports from untrusted areas, you should not disable the HTTPS connections, and there is a patch available from Cisco.
Assessed Attacker Value: 1
Assessed Attacker Value: 1Assessed Attacker Value: 3
Related
