Skip to main content

Cisco Switches Multiple Vulnerabilities

Last Update Date: 31 Jan 2020 12:05 Release Date: 31 Jan 2020 5442 Views

RISK: Medium Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

Multiple vulnerabilities were identified in Cisco Small Business Switches, a remote attacker could exploit these vulnerabilities to trigger denial of service condition and sensitive information disclosure on the targeted system.
 


Impact

  • Denial of Service
  • Information Disclosure

System / Technologies affected

CVE-2019-15993


Firmware version prior to 2.5.0.92:

  • 250 Series Smart Switches
  • 350 Series Managed Switches
  • 350X Series Stackable Managed Switches
  • 550X Series Stackable Managed Switches


Firmware version prior to 1.4.11.4:

  • 200 Series Smart Switches
  • 300 Series Managed Switches
  • 500 Series Stackable Managed Switches


CVE-2020-3147

Firmware version prior to 1.3.7.18:

  • 200 Series Smart Switches
  • 300 Series Managed Switches
  • 500 Series Stackable Managed Switches
     

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

 

CVE-2019-15993

Firmware version 2.5.0.92:

  •     250 Series Smart Switches
  •     350 Series Managed Switches
  •     350X Series Stackable Managed Switches
  •     550X Series Stackable Managed Switches


Firmware version 1.4.11.4: 

  •     200 Series Smart Switches
  •     300 Series Managed Switches
  •     500 Series Stackable Managed Switches


CVE-2020-3147

Firmware version 1.3.7.18:

  •     200 Series Smart Switches
  •     300 Series Managed Switches
  •     500 Series Stackable Managed Switches

Vulnerability Identifier


Source


Related Link