CVE-2016-1299

Published: Jan 27, 2016Modified: May 6, 2026

5.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

The web-management GUI implementation on Cisco Small Business SG300 devices 1.4.1.x allows remote attackers to cause a denial of service (HTTPS outage) via crafted HTTPS requests, aka Bug ID CSCuw87174.

Affected (1)

Products: Cisco: 300 Series Managed Switch Firmware

Cisco

1 product

300 Series Managed Switch Firmware

Configuration A

1 vulnerable · 27 platform

Vulnerable Software	Affected Versions
Cisco 300 Series Managed Switch Firmware	Version 1.4.1

Running on/with	Platform Versions
Cisco Sf300 08	All versions
Cisco Sf300 24	All versions
Cisco Sf300 24mp	All versions
Cisco Sf300 24p	All versions
Cisco Sf300 24pp	All versions
Cisco Sf300 48	All versions
Cisco Sf300 48p	All versions
Cisco Sf300 48pp	All versions
Cisco Sf302 08	All versions
Cisco Sf302 08mp	All versions
Cisco Sf302 08mpp	All versions
Cisco Sf302 08p	All versions
Cisco Sf302 08pp	All versions
Cisco Sg300 10	All versions
Cisco Sg300 10mp	All versions
Cisco Sg300 10mpp	All versions
Cisco Sg300 10p	All versions
Cisco Sg300 10pp	All versions
Cisco Sg300 10sfp	All versions
Cisco Sg300 20	All versions
Cisco Sg300 28	All versions
Cisco Sg300 28mp	All versions
Cisco Sg300 28p	All versions
Cisco Sg300 28pp	All versions
Cisco Sg300 52	All versions
Cisco Sg300 52mp	All versions
Cisco Sg300 52p	All versions

Related CWEs

CWE-399

References (2)

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-sbms

Source: psirt@cisco.com

Vendor Advisory

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-sbms

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.