Lucene search

CiscoCVE-2017-6720

HistorySep 21, 2017 - 5:29 a.m.

CVE-2017-6720

2017-09-2105:29:01

CWE-119

cisco

web.nvd.nist.gov

cisco

small business

managed switches

ssh

vulnerability

dos

nvd

cve-2017-6720

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

43.8%

JSON

A vulnerability in the Secure Shell (SSH) subsystem of Cisco Small Business Managed Switches software could allow an authenticated, remote attacker to cause a reload of the affected switch, resulting in a denial of service (DoS) condition. The vulnerability is due to improper processing of SSH connections. An attacker could exploit this vulnerability by logging in to an affected switch via SSH and sending a malicious SSH message. This vulnerability affects the following Cisco products when SSH is enabled: Small Business 300 Series Managed Switches, Small Business 500 Series Stackable Managed Switches, 350 Series Managed Switches, 350X Series Stackable Managed Switches, 550X Series Stackable Managed Switches, ESW2 Series Advanced Switches. Cisco Bug IDs: CSCvb48377.

Affected configurations

Nvd

Node

ciscosf302-08ppMatch-

AND

ciscosf302-08pp_firmwareRange<1.4.8.06

Node

ciscosf302-08mppMatch-

AND

ciscosf302-08mpp_firmwareRange<1.4.8.06

Node

ciscosg300-10ppMatch-

AND

ciscosg300-10pp_firmwareRange<1.4.8.06

Node

ciscosg300-10mppMatch-

AND

ciscosg300-10mpp_firmwareRange<1.4.8.06

Node

ciscosf300-24ppMatch-

AND

ciscosf300-24pp_firmwareRange<1.4.8.06

Node

ciscosf300-48ppMatch-

AND

ciscosf300-48pp_firmwareRange<1.4.8.06

Node

ciscosg300-28ppMatch-

AND

ciscosg300-28pp_firmwareRange<1.4.8.06

Node

ciscosf300-08Match-

AND

ciscosf300-08_firmwareRange<1.4.8.06

Node

ciscosf300-48p_firmwareRange<1.4.8.06

AND

ciscosf300-48pMatch-

Node

ciscosg300-10mp_firmwareRange<1.4.8.06

AND

ciscosg300-10mpMatch-

Node

ciscosg300-10p_firmwareRange<1.4.8.06

AND

ciscosg300-10pMatch-

Node

ciscosg300-10_firmwareRange<1.4.8.06

AND

ciscosg300-10Match-

Node

ciscosg300-28p_firmwareRange<1.4.8.06

AND

ciscosg300-28pMatch-

Node

ciscosf300-24p_firmwareRange<1.4.8.06

AND

ciscosf300-24pMatch-

Node

ciscosf302-08mp_firmwareRange<1.4.8.06

AND

ciscosf302-08mpMatch-

Node

ciscosg300-28_firmwareRange<1.4.8.06

AND

ciscosg300-28Match-

Node

ciscosf300-48_firmwareRange<1.4.8.06

AND

ciscosf300-48Match-

Node

ciscosg300-20_firmwareRange<1.4.8.06

AND

ciscosg300-20Match-

Node

ciscosf302-08p_firmwareRange<1.4.8.06

AND

ciscosf302-08pMatch-

Node

ciscosg300-52_firmwareRange<1.4.8.06

AND

ciscosg300-52Match-

Node

ciscosf300-24_firmwareRange<1.4.8.06

AND

ciscosf300-24Match-

Node

ciscosf302-08_firmwareRange<1.4.8.06

AND

ciscosf302-08Match-

Node

ciscosf300-24mp_firmwareRange<1.4.8.06

AND

ciscosf300-24mpMatch-

Node

ciscosg300-10sfp_firmwareRange<1.4.8.06

AND

ciscosg300-10sfpMatch-

Node

ciscosg300-28mp_firmwareRange<1.4.8.06

AND

ciscosg300-28mpMatch-

Node

ciscosg300-52p_firmwareRange<1.4.8.06

AND

ciscosg300-52pMatch-

Node

ciscosg300-52mp_firmwareRange<1.4.8.06

AND

ciscosg300-52mpMatch-

Node

ciscosg500-28mpp_firmwareRange<1.4.8.06

AND

ciscosg500-28mppMatch-

Node

ciscosg500-52mp_firmwareRange<1.4.8.06

AND

ciscosg500-52mpMatch-

Node

ciscosg500xg-8f8t_firmwareRange<1.4.8.06

AND

ciscosg500xg-8f8tMatch-

Node

ciscosf500-24_firmwareRange<1.4.8.06

AND

ciscosf500-24Match-

Node

ciscosf500-24p_firmwareRange<1.4.8.06

AND

ciscosf500-24pMatch-

Node

ciscosf500-48_firmwareRange<1.4.8.06

AND

ciscosf500-48Match-

Node

ciscosf500-48p_firmwareRange<1.4.8.06

AND

ciscosf500-48pMatch-

Node

ciscosg500-28_firmwareRange<1.4.8.06

AND

ciscosg500-28Match-

Node

ciscosg500-28p_firmwareRange<1.4.8.06

AND

ciscosg500-28pMatch-

Node

ciscosg500-52_firmwareRange<1.4.8.06

AND

ciscosg500-52Match-

Node

ciscosg500-52p_firmwareRange<1.4.8.06

AND

ciscosg500-52pMatch-

Node

ciscosg500x-24_firmwareRange<1.4.8.06

AND

ciscosg500x-24Match-

Node

ciscosg500x-24p_firmwareRange<1.4.8.06

AND

ciscosg500x-24pMatch-

Node

ciscosg500x-48_firmwareRange<1.4.8.06

AND

ciscosg500x-48Match-

Node

ciscosg500x-48p_firmwareRange<1.4.8.06

AND

ciscosg500x-48pMatch-

Node

ciscoesw2-350g-52_firmwareRange<1.4.8.06

AND

ciscoesw2-350g-52Match-

Node

ciscoesw2-350g-52dc_firmwareRange<1.4.8.06

AND

ciscoesw2-350g-52dcMatch-

Node

ciscoesw2-550x-48_firmwareRange<1.4.8.06

AND

ciscoesw2-550x-48Match-

Node

ciscoesw2-550x-48dc_firmwareRange<1.4.8.06

AND

ciscoesw2-550x-48dcMatch-

Node

ciscosg350-10_firmwareRange<2.3.0.130

AND

ciscosg350-10Match-

Node

ciscosg350-10p_firmwareRange<2.3.0.130

AND

ciscosg350-10pMatch-

Node

ciscosg350-10mp_firmwareRange<2.3.0.130

AND

ciscosg350-10mpMatch-

Node

ciscosg355-10p_firmwareRange<2.3.0.130

AND

ciscosg355-10pMatch-

Node

ciscosg350-28_firmwareRange<2.3.0.130

AND

ciscosg350-28Match-

Node

ciscosg350-28p_firmwareRange<2.3.0.130

AND

ciscosg350-28pMatch-

Node

ciscosg350-28mp_firmwareRange<2.3.0.130

AND

ciscosg350-28mpMatch-

Node

ciscosf350-48_firmwareRange<2.3.0.130

AND

ciscosf350-48Match-

Node

ciscosf350-48p_firmwareRange<2.3.0.130

AND

ciscosf350-48pMatch-

Node

ciscosf350-48mp_firmwareRange<2.3.0.130

AND

ciscosf350-48mpMatch-

Node

ciscosg350xg-2f10_firmwareRange<2.3.0.130

AND

ciscosg350xg-2f10Match-

Node

ciscosg350xg-24f_firmwareRange<2.3.0.130

AND

ciscosg350xg-24fMatch-

Node

ciscosg350xg-24t_firmwareRange<2.3.0.130

AND

ciscosg350xg-24tMatch-

Node

ciscosg350xg-48t_firmwareRange<2.3.0.130

AND

ciscosg350xg-48tMatch-

Node

ciscosg350x-24_firmwareRange<2.3.0.130

AND

ciscosg350x-24Match-

Node

ciscosg350x-24p_firmwareRange<2.3.0.130

AND

ciscosg350x-24pMatch-

Node

ciscosg350x-24mp_firmwareRange<2.3.0.130

AND

ciscosg350x-24mpMatch-

Node

ciscosg350x-48_firmwareRange<2.3.0.130

AND

ciscosg350x-48Match-

Node

ciscosg350x-48p_firmwareRange<2.3.0.130

AND

ciscosg350x-48pMatch-

Node

ciscosg350x-48mp_firmwareRange<2.3.0.130

AND

ciscosg350x-48mpMatch-

Node

ciscosx550x-16ft_firmwareRange<2.3.0.130

AND

ciscosx550x-16ftMatch-

Node

ciscosx550x-24ft_firmwareRange<2.3.0.130

AND

ciscosx550x-24ftMatch-

Node

ciscosx550x-12f_firmwareRange<2.3.0.130

AND

ciscosx550x-12fMatch-

Node

ciscosx550x-24f_firmwareRange<2.3.0.130

AND

ciscosx550x-24fMatch-

Node

ciscosx550x-24_firmwareRange<2.3.0.130

AND

ciscosx550x-24Match-

Node

ciscosx550x-52_firmwareRange<2.3.0.130

AND

ciscosx550x-52Match-

Node

ciscosg550x-24_firmwareRange<2.3.0.130

AND

ciscosg550x-24Match-

Node

ciscosg550x-24p_firmwareRange<2.3.0.130

AND

ciscosg550x-24pMatch-

Node

ciscosg550x-24mp_firmwareRange<2.3.0.130

AND

ciscosg550x-24mpMatch-

Node

ciscosg550x-24mpp_firmwareRange<2.3.0.130

AND

ciscosg550x-24mppMatch-

Node

ciscosg550x-48_firmwareRange<2.3.0.130

AND

ciscosg550x-48Match-

Node

ciscosg550x-48p_firmwareRange<2.3.0.130

AND

ciscosg550x-48pMatch-

Node

ciscosg550x-48mp_firmwareRange<2.3.0.130

AND

ciscosg550x-48mpMatch-

Node

ciscosf550x-24_firmwareRange<2.3.0.130

AND

ciscosf550x-24Match-

Node

ciscosf550x-24p_firmwareRange<2.3.0.130

AND

ciscosf550x-24pMatch-

Node

ciscosf550x-24mp_firmwareRange<2.3.0.130

AND

ciscosf550x-24mpMatch-

Node

ciscosf550x-48_firmwareRange<2.3.0.130

AND

ciscosf550x-48Match-

Node

ciscosf550x-48p_firmwareRange<2.3.0.130

AND

ciscosf550x-48pMatch-

Node

ciscosf550x-48mp_firmwareRange<2.3.0.130

AND

ciscosf550x-48mpMatch-

VendorProductVersionCPE
ciscosf302-08pp-cpe:2.3:h:cisco:sf302-08pp:-:*:*:*:*:*:*:*
ciscosf302-08pp_firmware*cpe:2.3:o:cisco:sf302-08pp_firmware:*:*:*:*:*:*:*:*
ciscosf302-08mpp-cpe:2.3:h:cisco:sf302-08mpp:-:*:*:*:*:*:*:*
ciscosf302-08mpp_firmware*cpe:2.3:o:cisco:sf302-08mpp_firmware:*:*:*:*:*:*:*:*
ciscosg300-10pp-cpe:2.3:h:cisco:sg300-10pp:-:*:*:*:*:*:*:*
ciscosg300-10pp_firmware*cpe:2.3:o:cisco:sg300-10pp_firmware:*:*:*:*:*:*:*:*
ciscosg300-10mpp-cpe:2.3:h:cisco:sg300-10mpp:-:*:*:*:*:*:*:*
ciscosg300-10mpp_firmware*cpe:2.3:o:cisco:sg300-10mpp_firmware:*:*:*:*:*:*:*:*
ciscosf300-24pp-cpe:2.3:h:cisco:sf300-24pp:-:*:*:*:*:*:*:*
ciscosf300-24pp_firmware*cpe:2.3:o:cisco:sf300-24pp_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	sf302-08pp	-	cpe:2.3:h:cisco:sf302-08pp:-:::::::*
cisco	sf302-08pp_firmware	*	cpe:2.3:o:cisco:sf302-08pp_firmware::::::::
cisco	sf302-08mpp	-	cpe:2.3:h:cisco:sf302-08mpp:-:::::::*
cisco	sf302-08mpp_firmware	*	cpe:2.3:o:cisco:sf302-08mpp_firmware::::::::
cisco	sg300-10pp	-	cpe:2.3:h:cisco:sg300-10pp:-:::::::*
cisco	sg300-10pp_firmware	*	cpe:2.3:o:cisco:sg300-10pp_firmware::::::::
cisco	sg300-10mpp	-	cpe:2.3:h:cisco:sg300-10mpp:-:::::::*
cisco	sg300-10mpp_firmware	*	cpe:2.3:o:cisco:sg300-10mpp_firmware::::::::
cisco	sf300-24pp	-	cpe:2.3:h:cisco:sf300-24pp:-:::::::*
cisco	sf300-24pp_firmware	*	cpe:2.3:o:cisco:sf300-24pp_firmware::::::::

Rows per page:

1-10 of 1701

CNA Affected

[
  {
    "product": "Cisco Small Business Managed Switches",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco Small Business Managed Switches"
      }
    ]
  }
]

References

www.securityfocus.com/bid/100933

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-sbms

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

43.8%

JSON

Related for CVE-2017-6720