Cisco SG500-28P Firmware 2.5.5.47

CPE Details

Cisco SG500-28P Firmware 2.5.5.47
cisco
sg500-28p_firmware
2.5.5.47
2020-10-08
13h28 +00:00
2020-10-08
13h28 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:cisco:sg500-28p_firmware:2.5.5.47:*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

sg500-28p_firmware

Version

2.5.5.47

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-34739 2021-11-04 15h40 +00:00 A vulnerability in the web-based management interface of multiple Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to replay valid user session credentials and gain unauthorized access to the web-based management interface of an affected device. This vulnerability is due to insufficient expiration of session credentials. An attacker could exploit this vulnerability by conducting a man-in-the-middle attack against an affected device to intercept valid session credentials and then replaying the intercepted credentials toward the same device at a later time. A successful exploit could allow the attacker to access the web-based management interface with administrator privileges.
8.1
High
CVE-2020-3496 2020-08-26 16h15 +00:00 A vulnerability in the IPv6 packet processing engine of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the switch management CLI to stop responding, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected.
5.3
Medium