Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2019-1892

Published: 06/07/2019 Updated: 09/10/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote malicious user to cause a memory corruption on an affected device. The vulnerability is due to improper validation of HTTPS packets. An attacker could exploit this vulnerability by sending a malformed HTTPS packet to the management web interface of the affected device. A successful exploit could allow the malicious user to cause an unexpected reload of the device, resulting in a denial of service (DoS) condition.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco sf200-24_firmware

cisco sf200-24p_firmware

cisco sf200-48_firmware

cisco sf200-48p_firmware

cisco sg200-18_firmware

cisco sg200-26_firmware

cisco sg200-26p_firmware

cisco sg200-50_firmware

cisco sg200-50p_firmware

cisco sg300-10_firmware

cisco sg300-10mp_firmware

cisco sg300-10mpp_firmware

cisco sg300-10sfp_firmware

cisco sg300-10p_firmware

cisco sg300-10pp_firmware

cisco sg300-20_firmware

cisco sg300-28_firmware

cisco sg300-28p_firmware

cisco sg300-28pp_firmware

cisco sg300-28mp_firmware

cisco sg300-28sfp_firmware

cisco sg300-52_firmware

cisco sg300-52p_firmware

cisco sg300-52mp_firmware

cisco sf300-08_firmware

cisco sf302-08_firmware

cisco sf302-08mp_firmware

cisco sf302-08p_firmware

cisco sf302-08pp_firmware

cisco sf302-08mpp_firmware

cisco sf300-24_firmware

cisco sf300-24p_firmware

cisco sf300-24mp_firmware

cisco sf300-24pp_firmware

cisco sf300-48_firmware

cisco sf300-48p_firmware

cisco sf300-48pp_firmware

cisco sf500-24_firmware

cisco sf500-24p_firmware

cisco sf500-24mp_firmware

cisco sf500-48_firmware

cisco sf500-48p_firmware

cisco sf500-48mp_firmware

cisco sg500-28_firmware

cisco sg500-28p_firmware

cisco sg500-28mpp_firmware

cisco sg500-52_firmware

cisco sg500-52p_firmware

cisco sg500-52mp_firmware

cisco sg500x-24_firmware

cisco sg500x24mpp_firmware

cisco sg500x-48_firmware

cisco sg500x-48p_firmware

cisco sg500x-48mp_firmware

cisco sg500xg8f8t_firmware

cisco esw2-350g52dc_firmware

cisco esw2-550x48dc_firmware

Vendor Advisories

Cisco: Cisco Small Business Series Switches Memory Corruption Vulnerability
A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a memory corruption on an affected device The vulnerability is due to improper validation of HTTPS packets An attacker could exploit this vulnerability ...

References

CWE-119https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-sbss-memcorrupthttps://nvd.nist.govhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-sbss-memcorrupt
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camerabypassCVE-2024-3592CVE-2024-37383CVE-2024-24919CVE-2024-27822CVE-2024-36788CVE-2024-36789man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook