Vulnslist

find the latest Cisco vulnerabilities

Cisco Small Business Managed Switches Denial of Service Vulnerability

cisco-sa-20170920-sbms · High · Published · Updated

A vulnerability in the Secure Shell (SSH) subsystem of Cisco Small Business Managed Switches software could allow an authenticated, remote attacker to cause a reload of the affected switch, resulting in a denial of service (DoS) condition. The vulnerability is due to improper processing of SSH connections. An attacker could exploit this vulnerability by logging in to an affected switch via SSH and sending a malicious SSH message. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-sbms

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2017-6720
Cisco Bug IDsCSCvb48377
CVSS ScoreBase 7.7
Base 7.7 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:X/RL:X/RC:X
Product Names From Source
Cisco Small Business 300 Series Managed Switches, Cisco Small Business 500 Series Stackable Managed Switches, Cisco 350 Series Managed Switches, Cisco 350X Series Stackable Managed Switches, Cisco 550X Series Stackable Managed Switches, Cisco ESW2 Series Advanced Switches

Related Products

Product CVE Evidence
Cisco Small Business 500 Series Stackable Managed Switches CVE-2017-6720 Cisco OpenVuln
Cisco Small Business 300 Series Managed Switches CVE-2017-6720 Cisco OpenVuln
Cisco ESW2 Series Advanced Switches CVE-2017-6720 Cisco OpenVuln
Cisco 550X Series Stackable Managed Switches CVE-2017-6720 Cisco OpenVuln
Cisco 350X Series Stackable Managed Switches CVE-2017-6720 Cisco OpenVuln
Cisco 350 Series Managed Switches CVE-2017-6720 Cisco OpenVuln