← Back

CVE-2019-1892

nvd nist
Published: Jul 6, 2019Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a memory corruption on an affected device. The vulnerability is due to improper validation of HTTPS packets. An attacker could exploit this vulnerability by sending a malformed HTTPS packet to the management web interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a denial of service (DoS) condition.

Affected (57)

Products: Cisco: Sf200 24 Firmware, Sf200 24p Firmware, Sf200 48 Firmware, Sf200 48p Firmware, Sg200 18 Firmware, Sg200 26 Firmware, Sg200 26p Firmware, Sg200 50 Firmware, Sg200 50p Firmware, Sg300 10 Firmware, Sg300 10mp Firmware, Sg300 10mpp Firmware, Sg300 10sfp Firmware, Sg300 10p Firmware, Sg300 10pp Firmware, Sg300 20 Firmware, Sg300 28 Firmware, Sg300 28p Firmware, Sg300 28pp Firmware, Sg300 28mp Firmware, Sg300 28sfp Firmware, Sg300 52 Firmware, Sg300 52p Firmware, Sg300 52mp Firmware, Sf300 08 Firmware, Sf302 08 Firmware, Sf302 08mp Firmware, Sf302 08p Firmware, Sf302 08pp Firmware, Sf302 08mpp Firmware, Sf300 24 Firmware, Sf300 24p Firmware, Sf300 24mp Firmware, Sf300 24pp Firmware, Sf300 48 Firmware, Sf300 48p Firmware, Sf300 48pp Firmware, Sf500 24 Firmware, Sf500 24p Firmware, Sf500 24mp Firmware, Sf500 48 Firmware, Sf500 48p Firmware, Sf500 48mp Firmware, Sg500 28 Firmware, Sg500 28p Firmware, Sg500 28mpp Firmware, Sg500 52 Firmware, Sg500 52p Firmware, Sg500 52mp Firmware, Sg500x 24 Firmware, Sg500x24mpp Firmware, Sg500x 48 Firmware, Sg500x 48p Firmware, Sg500x 48mp Firmware, Sg500xg8f8t Firmware, Esw2 350g52dc Firmware, Esw2 550x48dc Firmware
Cisco
57 products
Sf200 24 Firmware
Sf200 24p Firmware
Sf200 48 Firmware
Sf200 48p Firmware
Sg200 18 Firmware
Sg200 26 Firmware
Sg200 26p Firmware
Sg200 50 Firmware
Sg200 50p Firmware
Sg300 10 Firmware
Sg300 10mp Firmware
Sg300 10mpp Firmware
Sg300 10sfp Firmware
Sg300 10p Firmware
Sg300 10pp Firmware
Sg300 20 Firmware
Sg300 28 Firmware
Sg300 28p Firmware
Sg300 28pp Firmware
Sg300 28mp Firmware
Sg300 28sfp Firmware
Sg300 52 Firmware
Sg300 52p Firmware
Sg300 52mp Firmware
Sf300 08 Firmware
Sf302 08 Firmware
Sf302 08mp Firmware
Sf302 08p Firmware
Sf302 08pp Firmware
Sf302 08mpp Firmware
Sf300 24 Firmware
Sf300 24p Firmware
Sf300 24mp Firmware
Sf300 24pp Firmware
Sf300 48 Firmware
Sf300 48p Firmware
Sf300 48pp Firmware
Sf500 24 Firmware
Sf500 24p Firmware
Sf500 24mp Firmware
Sf500 48 Firmware
Sf500 48p Firmware
Sf500 48mp Firmware
Sg500 28 Firmware
Sg500 28p Firmware
Sg500 28mpp Firmware
Sg500 52 Firmware
Sg500 52p Firmware
Sg500 52mp Firmware
Sg500x 24 Firmware
Sg500x24mpp Firmware
Sg500x 48 Firmware
Sg500x 48p Firmware
Sg500x 48mp Firmware
Sg500xg8f8t Firmware
Esw2 350g52dc Firmware
Esw2 550x48dc Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf200 24 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf200 24
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf200 24p Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf200 24p
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf200 48 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf200 48
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf200 48p Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf200 48p
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg200 18 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg200 18
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg200 26 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg200 26
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg200 26p Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg200 26p
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg200 50 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg200 50
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg200 50p Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg200 50p
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg300 10 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg300 10
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg300 10mp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg300 10mp
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg300 10mpp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg300 10mpp
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg300 10sfp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg300 10sfp
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg300 10p Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg300 10p
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg300 10pp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg300 10pp
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg300 20 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg300 20
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg300 28 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg300 28
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg300 28p Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg300 28p
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg300 28pp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg300 28pp
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg300 28mp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg300 28mp
All versions
Configuration U
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg300 28sfp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg300 28sfp
All versions
Configuration V
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg300 52 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg300 52
All versions
Configuration W
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg300 52p Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg300 52p
All versions
Configuration X
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg300 52mp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg300 52mp
All versions
Configuration Y
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf300 08 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf300 08
All versions
Configuration Z
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf302 08 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf302 08
All versions
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf302 08mp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf302 08mp
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf302 08p Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf302 08p
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf302 08pp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf302 08pp
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf302 08mpp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf302 08mpp
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf300 24 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf300 24
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf300 24p Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf300 24p
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf300 24mp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf300 24mp
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf300 24pp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf300 24pp
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf300 48 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf300 48
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf300 48p Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf300 48p
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf300 48pp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf300 48pp
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf500 24 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf500 24
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf500 24p Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf500 24p
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf500 24mp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf500 24mp
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf500 48 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf500 48
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf500 48p Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf500 48p
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf500 48mp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sf500 48mp
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg500 28 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg500 28
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg500 28p Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg500 28p
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg500 28mpp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg500 28mpp
All versions
Configuration U
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg500 52 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg500 52
All versions
Configuration V
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg500 52p Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg500 52p
All versions
Configuration W
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg500 52mp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg500 52mp
All versions
Configuration X
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg500x 24 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg500x 24
All versions
Configuration Y
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg500x24mpp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg500x24mpp
All versions
Configuration Z
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg500x 48 Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg500x 48
All versions
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg500x 48p Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg500x 48p
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg500x 48mp Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg500x 48mp
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg500xg8f8t Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Sg500xg8f8t
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Esw2 350g52dc Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Esw2 350g52dc
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Esw2 550x48dc Firmware
Before 1.4.10.6
Running on/withPlatform Versions
Cisco
Esw2 550x48dc
All versions

Related CWEs

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (2)

Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.