Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
605
VMScore

CVE-2019-1806

Published: 15/05/2019 Updated: 16/10/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.9 | Exploitability Score: 8
CVSS v3 Base Score: 7.7 | Impact Score: 4 | Exploitability Score: 3.1
VMScore: 605
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

Vulnerability Summary

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Small Business Sx200, Sx300, Sx500, ESW2 Series Managed Switches and Small Business Sx250, Sx350, Sx550 Series Switches could allow an authenticated, remote malicious user to cause the SNMP application of an affected device to cease processing traffic, resulting in the CPU utilization reaching one hundred percent. Manual intervention may be required before a device resumes normal operations. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a malicious SNMP packet to an affected device. A successful exploit could allow the malicious user to cause the device to cease forwarding traffic, which could result in a denial of service (DoS) condition. Cisco has released firmware updates that address this vulnerability.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco sf200-24_firmware

cisco sf200-24p_firmware

cisco sf200-48_firmware

cisco sf200-48p_firmware

cisco sg200-18_firmware

cisco sg200-26_firmware

cisco sg200-26p_firmware

cisco sg200-50_firmware

cisco sg200-50p_firmware

cisco sg300-10_firmware

cisco sg300-10mp_firmware

cisco sg300-10mpp_firmware

cisco sg300-10sfp_firmware

cisco sg300-10p_firmware

cisco sg300-10pp_firmware

cisco sg300-20_firmware

cisco sg300-28_firmware

cisco sg300-28p_firmware

cisco sg300-28pp_firmware

cisco sg300-28mp_firmware

cisco sg300-28sfp_firmware

cisco sg300-52_firmware

cisco sg300-52p_firmware

cisco sg300-52mp_firmware

cisco sf300-08_firmware

cisco sf302-08_firmware

cisco sf302-08mp_firmware

cisco sf302-08p_firmware

cisco sf302-08pp_firmware

cisco sf302-08mpp_firmware

cisco sf300-24_firmware

cisco sf300-24p_firmware

cisco sf300-24mp_firmware

cisco sf300-24pp_firmware

cisco sf300-48_firmware

cisco sf300-48p_firmware

cisco sf300-48pp_firmware

cisco sf500-24_firmware

cisco sf500-24p_firmware

cisco sf500-24mp_firmware

cisco sf500-48_firmware

cisco sf500-48p_firmware

cisco sf500-48mp_firmware

cisco sg500-28_firmware

cisco sg500-28p_firmware

cisco sg500-28mpp_firmware

cisco sg500-52_firmware

cisco sg500-52p_firmware

cisco sg500-52mp_firmware

cisco sg500x-24_firmware

cisco sg500x-24p_firmware

cisco sg500x24mpp_firmware

cisco sg500x-48_firmware

cisco sg500x-48p_firmware

cisco sg500x-48mp_firmware

cisco sg500xg8f8t_firmware

cisco esw2-350g52dc_firmware

cisco esw2-550x48dc_firmware

cisco sg250x-24_firmware

cisco sg250x-24p_firmware

cisco sg250x-48_firmware

cisco sg250x-48p_firmware

cisco sg250-08_firmware

cisco sg250-08hp_firmware

cisco sg250-10p_firmware

cisco sg250-18_firmware

cisco sg250-26_firmware

cisco sg250-26hp_firmware

cisco sg250-26p_firmware

cisco sg250-50_firmware

cisco sg250-50hp_firmware

cisco sg250-50p_firmware

cisco sf250-24_firmware

cisco sf250-24p_firmware

cisco sf250-48_firmware

cisco sf250-48hp_firmware

cisco sg350-10_firmware

cisco sg350-10p_firmware

cisco sg350-10mp_firmware

cisco sg355-10p_firmware

cisco sg350-28_firmware

cisco sg350-28p_firmware

cisco sg350-28mp_firmware

cisco sf350-48_firmware

cisco sf350-48p_firmware

cisco sf350-48mp_firmware

cisco sx550x-16ft_firmware

cisco sx550x-24ft_firmware

cisco sx550x-12f_firmware

cisco sx550x-24f_firmware

cisco sx550x-24_firmware

cisco sx550x-52_firmware

cisco sg550x-24_firmware

cisco sg550x-24p_firmware

cisco sg550x-24mp_firmware

cisco sg550x-24mpp_firmware

cisco sg550x-48_firmware

cisco sg550x-48p_firmware

cisco sg550x-48mp_firmware

cisco sf550x-24_firmware

cisco sf550x-24p_firmware

cisco sf550x-24mp_firmware

cisco sf550x-48_firmware

cisco sf550x-48p_firmware

cisco sf550x-48mp_firmware

Vendor Advisories

Cisco: Cisco Small Business Series Switches Simple Network Management Protocol Denial of Service Vulnerability
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Small Business Sx200, Sx300, Sx500, ESW2 Series Managed Switches and Small Business Sx250, Sx350, Sx550 Series Switches could allow an authenticated, remote attacker to cause the SNMP application of an affected device to cease processing traffic, result ...

References

CWE-770https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-sb-snmpdoshttp://www.securityfocus.com/bid/108335https://nvd.nist.govhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-sb-snmpdos
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310CVE-2024-21683CVE-2024-22187chromedeserializationXPath injectionCVE-2024-27842denial of serviceCVE-2024-24851googleCVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook