Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCiscoCVE-2019-15993
HistorySep 23, 2020 - 1:15 a.m.

CVE-2019-15993

2020-09-2301:15:13
CWE-16
CWE-287
cisco
web.nvd.nist.gov
75
cisco
small business
switches
vulnerability
web ui
authentication
remote access
information security

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

50.5%

JSON

A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information. The vulnerability exists because the software lacks proper authentication controls to information accessible from the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web UI of an affected device. A successful exploit could allow the attacker to access sensitive device information, which includes configuration files.

Affected configurations

Nvd
Node
ciscosg250x-24Match-
AND
ciscosg250x-24_firmwareRange<2.5.0.92
Node
ciscosg250x-24pMatch-
AND
ciscosg250x-24p_firmwareRange<2.5.0.92
Node
ciscosg250x-48Match-
AND
ciscosg250x-48_firmwareRange<2.5.0.92
Node
ciscosg250x-48pMatch-
AND
ciscosg250x-48p_firmwareRange<2.5.0.92
Node
ciscosg250-08Match-
AND
ciscosg250-08_firmwareRange<2.5.0.92
Node
ciscosg250-08hpMatch-
AND
ciscosg250-08hp_firmwareRange<2.5.0.92
Node
ciscosg250-10pMatch-
AND
ciscosg250-10p_firmwareRange<2.5.0.92
Node
ciscosg250-18Match-
AND
ciscosg250-18_firmwareRange<2.5.0.92
Node
ciscosg250-26_firmwareRange<2.5.0.92
AND
ciscosg250-26Match-
Node
ciscosg250-26hp_firmwareRange<2.5.0.92
AND
ciscosg250-26hpMatch-
Node
ciscosg250-26p_firmwareRange<2.5.0.92
AND
ciscosg250-26pMatch-
Node
ciscosg250-50_firmwareRange<2.5.0.92
AND
ciscosg250-50Match-
Node
ciscosg250-50hp_firmwareRange<2.5.0.92
AND
ciscosg250-50hpMatch-
Node
ciscosg250-50p_firmwareRange<2.5.0.92
AND
ciscosg250-50pMatch-
Node
ciscosf250-24_firmwareRange<2.5.0.92
AND
ciscosf250-24Match-
Node
ciscosf250-24p_firmwareRange<2.5.0.92
AND
ciscosf250-24pMatch-
Node
ciscosf250-48_firmwareRange<2.5.0.92
AND
ciscosf250-48Match-
Node
ciscosf250-48hp_firmwareRange<2.5.0.92
AND
ciscosf250-48hpMatch-
Node
ciscosg350-10_firmwareRange<2.5.0.92
AND
ciscosg350-10Match-
Node
ciscosg350-10p_firmwareRange<2.5.0.92
AND
ciscosg350-10pMatch-
Node
ciscosg350-10mp_firmwareRange<2.5.0.92
AND
ciscosg350-10mpMatch-
Node
ciscosg355-10p_firmwareRange<2.5.0.92
AND
ciscosg355-10pMatch-
Node
ciscosg350-28_firmwareRange<2.5.0.92
AND
ciscosg350-28Match-
Node
ciscosg350-28p_firmwareRange<2.5.0.92
AND
ciscosg350-28pMatch-
Node
ciscosg350-28mpMatch-
AND
ciscosg350-28mp_firmwareRange<2.5.0.92
Node
ciscosf350-48_firmwareRange<2.5.0.92
AND
ciscosf350-48Match-
Node
ciscosf350-48p_firmwareRange<2.5.0.92
AND
ciscosf350-48pMatch-
Node
ciscosf350-48mp_firmwareRange<2.5.0.92
AND
ciscosf350-48mpMatch-
Node
ciscosg350xg-2f10_firmwareRange<2.5.0.92
AND
ciscosg350xg-2f10Match-
Node
ciscosg350xg-24f_firmwareRange<2.5.0.92
AND
ciscosg350xg-24fMatch-
Node
ciscosg350xg-24t_firmwareRange<2.5.0.92
AND
ciscosg350xg-24tMatch-
Node
ciscosg350xg-48t_firmwareRange<2.5.0.92
AND
ciscosg350xg-48tMatch-
Node
ciscosg350x-24_firmwareRange<2.5.0.92
AND
ciscosg350x-24Match-
Node
ciscosg350x-24p_firmwareRange<2.5.0.92
AND
ciscosg350x-24pMatch-
Node
ciscosg350x-24mp_firmwareRange<2.5.0.92
AND
ciscosg350x-24mpMatch-
Node
ciscosg350x-48_firmwareRange<2.5.0.92
AND
ciscosg350x-48Match-
Node
ciscosg350x-48p_firmwareRange<2.5.0.92
AND
ciscosg350x-48pMatch-
Node
ciscosg350x-48mp_firmwareRange<2.5.0.92
AND
ciscosg350x-48mpMatch-
Node
ciscosx550x-16ft_firmwareRange<2.5.0.92
AND
ciscosx550x-16ftMatch-
Node
ciscosx550x-24ft_firmwareRange<2.5.0.92
AND
ciscosx550x-24ftMatch-
Node
ciscosx550x-12f_firmwareRange<2.5.0.92
AND
ciscosx550x-12fMatch-
Node
ciscosx550x-24f_firmwareRange<2.5.0.92
AND
ciscosx550x-24fMatch-
Node
ciscosx550x-24_firmwareRange<2.5.0.92
AND
ciscosx550x-24Match-
Node
ciscosx550x-52_firmwareRange<2.5.0.92
AND
ciscosx550x-52Match-
Node
ciscosg550x-24_firmwareRange<2.5.0.92
AND
ciscosg550x-24Match-
Node
ciscosg550x-24p_firmwareRange<2.5.0.92
AND
ciscosg550x-24pMatch-
Node
ciscosg550x-24mp_firmwareRange<2.5.0.92
AND
ciscosg550x-24mpMatch-
Node
ciscosg550x-24mpp_firmwareRange<2.5.0.92
AND
ciscosg550x-24mppMatch-
Node
ciscosg550x-48_firmwareRange<2.5.0.92
AND
ciscosg550x-48Match-
Node
ciscosg550x-48p_firmwareRange<2.5.0.92
AND
ciscosg550x-48pMatch-
Node
ciscosg550x-48mp_firmwareRange<2.5.0.92
AND
ciscosg550x-48mpMatch-
Node
ciscosf550x-24_firmwareRange<2.5.0.92
AND
ciscosf550x-24Match-
Node
ciscosf550x-24p_firmwareRange<2.5.0.92
AND
ciscosf550x-24pMatch-
Node
ciscosf550x-24mp_firmwareRange<2.5.0.92
AND
ciscosf550x-24mpMatch-
Node
ciscosf550x-48_firmwareRange<2.5.0.92
AND
ciscosf550x-48Match-
Node
ciscosf550x-48p_firmwareRange<2.5.0.92
AND
ciscosf550x-48pMatch-
Node
ciscosf550x-48mp_firmwareRange<2.5.0.92
AND
ciscosf550x-48mpMatch-
Node
ciscosg200-50_firmwareRange<1.4.11.4
AND
ciscosg200-50Match-
Node
ciscosg200-50p_firmwareRange<1.4.11.4
AND
ciscosg200-50pMatch-
Node
ciscosg200-50fp_firmwareRange<1.4.11.4
AND
ciscosg200-50fpMatch-
Node
ciscosg200-26_firmwareRange<1.4.11.4
AND
ciscosg200-26Match-
Node
ciscosg200-26p_firmwareRange<1.4.11.4
AND
ciscosg200-26pMatch-
Node
ciscosg200-26fp_firmwareRange<1.4.11.4
AND
ciscosg200-26fpMatch-
Node
ciscosg200-18_firmwareRange<1.4.11.4
AND
ciscosg200-18Match-
Node
ciscosg200-10fp_firmwareRange<1.4.11.4
AND
ciscosg200-10fpMatch-
Node
ciscosg200-08_firmwareRange<1.4.11.4
AND
ciscosg200-08Match-
Node
ciscosg200-08p_firmwareRange<1.4.11.4
AND
ciscosg200-08pMatch-
Node
ciscosf200-24_firmwareRange<1.4.11.4
AND
ciscosf200-24Match-
Node
ciscosf200-24p_firmwareRange<1.4.11.4
AND
ciscosf200-24pMatch-
Node
ciscosf200-24fp_firmwareRange<1.4.11.4
AND
ciscosf200-24fpMatch-
Node
ciscosf200-48_firmwareRange<1.4.11.4
AND
ciscosf200-48Match-
Node
ciscosf200-48p_firmwareRange<1.4.11.4
AND
ciscosf200-48pMatch-
Node
ciscosg200-50_firmwareRange<1.4.11.4
AND
ciscosg200-50Match-
Node
ciscosg200-50p_firmwareRange<1.4.11.4
AND
ciscosg200-50pMatch-
Node
ciscosg200-50fp_firmwareRange<1.4.11.4
AND
ciscosg200-50fpMatch-
Node
ciscosg200-26_firmwareRange<1.4.11.4
AND
ciscosg200-26Match-
Node
ciscosg200-26p_firmwareRange<1.4.11.4
AND
ciscosg200-26pMatch-
Node
ciscosg200-26fp_firmwareRange<1.4.11.4
AND
ciscosg200-26fpMatch-
Node
ciscosg200-18_firmwareRange<1.4.11.4
AND
ciscosg200-18Match-
Node
ciscosg200-10fp_firmwareRange<1.4.11.4
AND
ciscosg200-10fpMatch-
Node
ciscosg200-08_firmwareRange<1.4.11.4
AND
ciscosg200-08Match-
Node
ciscosg200-08p_firmwareRange<1.4.11.4
AND
ciscosg200-08pMatch-
Node
ciscosf200-24_firmwareRange<1.4.11.4
AND
ciscosf200-24Match-
Node
ciscosf200-24p_firmwareRange<1.4.11.4
AND
ciscosf200-24pMatch-
Node
ciscosf200-24fp_firmwareRange<1.4.11.4
AND
ciscosf200-24fpMatch-
Node
ciscosf200-48_firmwareRange<1.4.11.4
AND
ciscosf200-48Match-
Node
ciscosf200-48p_firmwareRange<1.4.11.4
AND
ciscosf200-48pMatch-
Node
ciscosf302-08pp_firmwareRange<1.4.11.4
AND
ciscosf302-08ppMatch-
Node
ciscosf302-08mpp_firmwareRange<1.4.11.4
AND
ciscosf302-08mppMatch-
Node
ciscosg300-10pp_firmwareRange<1.4.11.4
AND
ciscosg300-10ppMatch-
Node
ciscosg300-10mpp_firmwareRange<1.4.11.4
AND
ciscosg300-10mppMatch-
Node
ciscosf300-24pp_firmwareRange<1.4.11.4
AND
ciscosf300-24ppMatch-
Node
ciscosf300-48pp_firmwareRange<1.4.11.4
AND
ciscosf300-48ppMatch-
Node
ciscosg300-28pp_firmwareRange<1.4.11.4
AND
ciscosg300-28ppMatch-
Node
ciscosf300-08_firmwareRange<1.4.11.4
AND
ciscosf300-08Match-
Node
ciscosf300-48p_firmwareRange<1.4.11.4
AND
ciscosf300-48pMatch-
Node
ciscosg300-10mp_firmwareRange<1.4.11.4
AND
ciscosg300-10mpMatch-
Node
ciscosg300-10p_firmwareRange<1.4.11.4
AND
ciscosg300-10pMatch-
Node
ciscosg300-10_firmwareRange<1.4.11.4
AND
ciscosg300-10Match-
Node
ciscosg300-28p_firmwareRange<1.4.11.4
AND
ciscosg300-28pMatch-
Node
ciscosf300-24p_firmwareRange<1.4.11.4
AND
ciscosf300-24pMatch-
Node
ciscosf302-08mp_firmwareRange<1.4.11.4
AND
ciscosf302-08mpMatch-
Node
ciscosg300-28_firmwareRange<1.4.11.4
AND
ciscosg300-28Match-
Node
ciscosf300-48_firmwareRange<1.4.11.4
AND
ciscosf300-48Match-
Node
ciscosg300-20_firmwareRange<1.4.11.4
AND
ciscosg300-20Match-
Node
ciscosf302-08p_firmwareRange<1.4.11.4
AND
ciscosf302-08pMatch-
Node
ciscosg300-52_firmwareRange<1.4.11.4
AND
ciscosg300-52Match-
Node
ciscosf300-24_firmwareRange<1.4.11.4
AND
ciscosf300-24Match-
Node
ciscosf302-08_firmwareRange<1.4.11.4
AND
ciscosf302-08Match-
Node
ciscosf300-24mp_firmwareRange<1.4.11.4
AND
ciscosf300-24mpMatch-
Node
ciscosg300-10sfp_firmwareRange<1.4.11.4
AND
ciscosg300-10sfpMatch-
Node
ciscosg300-28mp_firmwareRange<1.4.11.4
AND
ciscosg300-28mpMatch-
Node
ciscosg300-52p_firmwareRange<1.4.11.4
AND
ciscosg300-52pMatch-
Node
ciscosg300-52mp_firmwareRange<1.4.11.4
AND
ciscosg300-52mpMatch-
Node
ciscosg500-28mpp_firmwareRange<1.4.11.4
AND
ciscosg500-28mppMatch-
Node
ciscosg500-52mp_firmwareRange<1.4.11.4
AND
ciscosg500-52mpMatch-
Node
ciscosg500xg-8f8t_firmwareRange<1.4.11.4
AND
ciscosg500xg-8f8tMatch-
Node
ciscosf500-24_firmwareRange<1.4.11.4
AND
ciscosf500-24Match-
Node
ciscosf500-24p_firmwareRange<1.4.11.4
AND
ciscosf500-24pMatch-
Node
ciscosf500-48_firmwareRange<1.4.11.4
AND
ciscosf500-48Match-
Node
ciscosf500-48p_firmwareRange<1.4.11.4
AND
ciscosf500-48pMatch-
Node
ciscosg500-28_firmwareRange<1.4.11.4
AND
ciscosg500-28Match-
Node
ciscosg500-28p_firmwareRange<1.4.11.4
AND
ciscosg500-28pMatch-
Node
ciscosg500-52_firmwareRange<1.4.11.4
AND
ciscosg500-52Match-
Node
ciscosg500-52p_firmwareRange<1.4.11.4
AND
ciscosg500-52pMatch-
Node
ciscosg500x-24_firmwareRange<1.4.11.4
AND
ciscosg500x-24Match-
Node
ciscosg500x-24p_firmwareRange<1.4.11.4
AND
ciscosg500x-24pMatch-
Node
ciscosg500x-48_firmwareRange<1.4.11.4
AND
ciscosg500x-48Match-
Node
ciscosg500x-48p_firmwareRange<1.4.11.4
AND
ciscosg500x-48pMatch-
VendorProductVersionCPE
ciscosg250x-24-cpe:2.3:h:cisco:sg250x-24:-:*:*:*:*:*:*:*
ciscosg250x-24_firmware*cpe:2.3:o:cisco:sg250x-24_firmware:*:*:*:*:*:*:*:*
ciscosg250x-24p-cpe:2.3:h:cisco:sg250x-24p:-:*:*:*:*:*:*:*
ciscosg250x-24p_firmware*cpe:2.3:o:cisco:sg250x-24p_firmware:*:*:*:*:*:*:*:*
ciscosg250x-48-cpe:2.3:h:cisco:sg250x-48:-:*:*:*:*:*:*:*
ciscosg250x-48_firmware*cpe:2.3:o:cisco:sg250x-48_firmware:*:*:*:*:*:*:*:*
ciscosg250x-48p-cpe:2.3:h:cisco:sg250x-48p:-:*:*:*:*:*:*:*
ciscosg250x-48p_firmware*cpe:2.3:o:cisco:sg250x-48p_firmware:*:*:*:*:*:*:*:*
ciscosg250-08-cpe:2.3:h:cisco:sg250-08:-:*:*:*:*:*:*:*
ciscosg250-08_firmware*cpe:2.3:o:cisco:sg250-08_firmware:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 2281

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Small Business 250 Series Smart Switches Software",
    "versions": [
      {
        "version": "n/a",
        "status": "affected"
      }
    ]
  }
]

Related

cvelist 1
nvd 1
prion 1
cisco 1
zdt 1
exploitdb 1
packetstorm 1
threatpost 1
cvelist
cvelist
CVE-2019-15993 Cisco Small Business Switches Information Disclosure Vulnerability
2020-09-23 00:26:59
nvd
nvd
CVE-2019-15993
2020-09-23 01:15:13
prion
prion
Design/Logic Flaw
2020-09-23 01:15:00
cisco
cisco
Cisco Small Business Switches Information Disclosure Vulnerability
2020-01-29 16:00:00
zdt
zdt
Dell EMC Networking PC5500 firmware versions 4.1.0.22 and Cisco Sx / SMB - Information Disclosure
2023-04-05 00:00:00
exploitdb
exploitdb
Dell EMC Networking PC5500 firmware versions 4.1.0.22 and Cisco Sx / SMB - Information Disclosure
2023-04-05 00:00:00
packetstorm
packetstorm
Cisco / Dell / Netgear Information Disclosure / Hash Decrypter
2023-04-06 00:00:00
threatpost
threatpost
Cisco Patches Two High-Severity Bugs in its Small Business Switch Lineup
2020-01-30 17:38:37

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

50.5%

JSON
Related for CVE-2019-15993
cvelist1nvd1prion1cisco1zdt1exploitdb1packetstorm1threatpost1