Lucene search

[email protected]NVD:CVE-2019-1892

HistoryJul 06, 2019 - 2:15 a.m.

CVE-2019-1892

2019-07-0602:15:11

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

52.6%

JSON

A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a memory corruption on an affected device. The vulnerability is due to improper validation of HTTPS packets. An attacker could exploit this vulnerability by sending a malformed HTTPS packet to the management web interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a denial of service (DoS) condition.

Affected configurations

Nvd

Node

ciscosf200-24_firmwareRange<1.4.10.6

AND

ciscosf200-24Match-

Node

ciscosf200-24p_firmwareRange<1.4.10.6

AND

ciscosf200-24pMatch-

Node

ciscosf200-48_firmwareRange<1.4.10.6

AND

ciscosf200-48Match-

Node

ciscosf200-48p_firmwareRange<1.4.10.6

AND

ciscosf200-48pMatch-

Node

ciscosg200-18_firmwareRange<1.4.10.6

AND

ciscosg200-18Match-

Node

ciscosg200-26_firmwareRange<1.4.10.6

AND

ciscosg200-26Match-

Node

ciscosg200-26p_firmwareRange<1.4.10.6

AND

ciscosg200-26pMatch-

Node

ciscosg200-50_firmwareRange<1.4.10.6

AND

ciscosg200-50Match-

Node

ciscosg200-50p_firmwareRange<1.4.10.6

AND

ciscosg200-50pMatch-

Node

ciscosg300-10_firmwareRange<1.4.10.6

AND

ciscosg300-10Match-

Node

ciscosg300-10mp_firmwareRange<1.4.10.6

AND

ciscosg300-10mpMatch-

Node

ciscosg300-10mpp_firmwareRange<1.4.10.6

AND

ciscosg300-10mppMatch-

Node

ciscosg300-10sfp_firmwareRange<1.4.10.6

AND

ciscosg300-10sfpMatch-

Node

ciscosg300-10p_firmwareRange<1.4.10.6

AND

ciscosg300-10pMatch-

Node

ciscosg300-10pp_firmwareRange<1.4.10.6

AND

ciscosg300-10ppMatch-

Node

ciscosg300-20_firmwareRange<1.4.10.6

AND

ciscosg300-20Match-

Node

ciscosg300-28_firmwareRange<1.4.10.6

AND

ciscosg300-28Match-

Node

ciscosg300-28p_firmwareRange<1.4.10.6

AND

ciscosg300-28pMatch-

Node

ciscosg300-28pp_firmwareRange<1.4.10.6

AND

ciscosg300-28ppMatch-

Node

ciscosg300-28mp_firmwareRange<1.4.10.6

AND

ciscosg300-28mpMatch-

Node

ciscosg300-28sfp_firmwareRange<1.4.10.6

AND

ciscosg300-28sfpMatch-

Node

ciscosg300-52_firmwareRange<1.4.10.6

AND

ciscosg300-52Match-

Node

ciscosg300-52p_firmwareRange<1.4.10.6

AND

ciscosg300-52pMatch-

Node

ciscosg300-52mp_firmwareRange<1.4.10.6

AND

ciscosg300-52mpMatch-

Node

ciscosf300-08_firmwareRange<1.4.10.6

AND

ciscosf300-08Match-

Node

ciscosf302-08_firmwareRange<1.4.10.6

AND

ciscosf302-08Match-

Node

ciscosf302-08mp_firmwareRange<1.4.10.6

AND

ciscosf302-08mpMatch-

Node

ciscosf302-08p_firmwareRange<1.4.10.6

AND

ciscosf302-08pMatch-

Node

ciscosf302-08pp_firmwareRange<1.4.10.6

AND

ciscosf302-08ppMatch-

Node

ciscosf302-08mpp_firmwareRange<1.4.10.6

AND

ciscosf302-08mppMatch-

Node

ciscosf300-24_firmwareRange<1.4.10.6

AND

ciscosf300-24Match-

Node

ciscosf300-24p_firmwareRange<1.4.10.6

AND

ciscosf300-24pMatch-

Node

ciscosf300-24mp_firmwareRange<1.4.10.6

AND

ciscosf300-24mpMatch-

Node

ciscosf300-24pp_firmwareRange<1.4.10.6

AND

ciscosf300-24ppMatch-

Node

ciscosf300-48_firmwareRange<1.4.10.6

AND

ciscosf300-48Match-

Node

ciscosf300-48p_firmwareRange<1.4.10.6

AND

ciscosf300-48pMatch-

Node

ciscosf300-48pp_firmwareRange<1.4.10.6

AND

ciscosf300-48ppMatch-

Node

ciscosf500-24_firmwareRange<1.4.10.6

AND

ciscosf500-24Match-

Node

ciscosf500-24p_firmwareRange<1.4.10.6

AND

ciscosf500-24pMatch-

Node

ciscosf500-24mp_firmwareRange<1.4.10.6

AND

ciscosf500-24mpMatch-

Node

ciscosf500-48_firmwareRange<1.4.10.6

AND

ciscosf500-48Match-

Node

ciscosf500-48p_firmwareRange<1.4.10.6

AND

ciscosf500-48pMatch-

Node

ciscosf500-48mp_firmwareRange<1.4.10.6

AND

ciscosf500-48mpMatch-

Node

ciscosg500-28_firmwareRange<1.4.10.6

AND

ciscosg500-28Match-

Node

ciscosg500-28p_firmwareRange<1.4.10.6

AND

ciscosg500-28pMatch-

Node

ciscosg500-28mpp_firmwareRange<1.4.10.6

AND

ciscosg500-28mppMatch-

Node

ciscosg500-52_firmwareRange<1.4.10.6

AND

ciscosg500-52Match-

Node

ciscosg500-52p_firmwareRange<1.4.10.6

AND

ciscosg500-52pMatch-

Node

ciscosg500-52mp_firmwareRange<1.4.10.6

AND

ciscosg500-52mpMatch-

Node

ciscosg500x-24_firmwareRange<1.4.10.6

AND

ciscosg500x-24Match-

Node

ciscosg500x24mpp_firmwareRange<1.4.10.6

AND

ciscosg500x24mppMatch-

Node

ciscosg500x-48_firmwareRange<1.4.10.6

AND

ciscosg500x-48Match-

Node

ciscosg500x-48p_firmwareRange<1.4.10.6

AND

ciscosg500x-48pMatch-

Node

ciscosg500x-48mp_firmwareRange<1.4.10.6

AND

ciscosg500x-48mpMatch-

Node

ciscosg500xg8f8t_firmwareRange<1.4.10.6

AND

ciscosg500xg8f8tMatch-

Node

ciscoesw2-350g52dc_firmwareRange<1.4.10.6

AND

ciscoesw2-350g52dcMatch-

Node

ciscoesw2-550x48dc_firmwareRange<1.4.10.6

AND

ciscoesw2-550x48dcMatch-

VendorProductVersionCPE
ciscosf200-24_firmware*cpe:2.3:o:cisco:sf200-24_firmware:*:*:*:*:*:*:*:*
ciscosf200-24-cpe:2.3:h:cisco:sf200-24:-:*:*:*:*:*:*:*
ciscosf200-24p_firmware*cpe:2.3:o:cisco:sf200-24p_firmware:*:*:*:*:*:*:*:*
ciscosf200-24p-cpe:2.3:h:cisco:sf200-24p:-:*:*:*:*:*:*:*
ciscosf200-48_firmware*cpe:2.3:o:cisco:sf200-48_firmware:*:*:*:*:*:*:*:*
ciscosf200-48-cpe:2.3:h:cisco:sf200-48:-:*:*:*:*:*:*:*
ciscosf200-48p_firmware*cpe:2.3:o:cisco:sf200-48p_firmware:*:*:*:*:*:*:*:*
ciscosf200-48p-cpe:2.3:h:cisco:sf200-48p:-:*:*:*:*:*:*:*
ciscosg200-18_firmware*cpe:2.3:o:cisco:sg200-18_firmware:*:*:*:*:*:*:*:*
ciscosg200-18-cpe:2.3:h:cisco:sg200-18:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	sf200-24_firmware	*	cpe:2.3:o:cisco:sf200-24_firmware::::::::
cisco	sf200-24	-	cpe:2.3:h:cisco:sf200-24:-:::::::*
cisco	sf200-24p_firmware	*	cpe:2.3:o:cisco:sf200-24p_firmware::::::::
cisco	sf200-24p	-	cpe:2.3:h:cisco:sf200-24p:-:::::::*
cisco	sf200-48_firmware	*	cpe:2.3:o:cisco:sf200-48_firmware::::::::
cisco	sf200-48	-	cpe:2.3:h:cisco:sf200-48:-:::::::*
cisco	sf200-48p_firmware	*	cpe:2.3:o:cisco:sf200-48p_firmware::::::::
cisco	sf200-48p	-	cpe:2.3:h:cisco:sf200-48p:-:::::::*
cisco	sg200-18_firmware	*	cpe:2.3:o:cisco:sg200-18_firmware::::::::
cisco	sg200-18	-	cpe:2.3:h:cisco:sg200-18:-:::::::*

Rows per page:

1-10 of 1141

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-sbss-memcorrupt

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

52.6%

JSON

Related for NVD:CVE-2019-1892

cvelist1 cisco1 cve1 prion1 attackerkb1