CVE-2021-1571

Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting (XSS) attack Conduct an HTML injection attack For more information about these vulnerabilities, see the Details section of this advisory.

Severity	HIGH
CVSS	7.2
EPSS	0.26%
CWE	CWE-287
KEV
Published	4 years ago
Modified	1 year ago

CSAF Product Statuses

Product	Status	Source	Advisory	Rows
Cisco Small Business Smart and Managed Switches	known_affected	cisco_csaf	cisco-sa-ciscosb-multivulns-Wwyb7s5E	1

Related Products

Product	Advisory
Cisco Small Business 220 Series Smart Plus Switches	cisco-sa-ciscosb-multivulns-Wwyb7s5E
Cisco Small Business Smart and Managed Switches	cisco-sa-ciscosb-multivulns-Wwyb7s5E
Cisco Business 220 Series Switches	cisco-sa-ciscosb-multivulns-Wwyb7s5E
Cisco Small Business 220 Series Smart Switches	cisco-sa-ciscosb-multivulns-Wwyb7s5E