← Back

CVE-2020-3121

nvd nist
Published: Jan 26, 2020Modified: Nov 21, 2024

JSON object

Loading...
6.1
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability: 2.8 / Impact: 2.7
Source: NVD

Description

A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link and access a specific page. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

Affected (45)

Products: Cisco: Sg250x 24 Firmware, Sg250x 24p Firmware, Sg250x 48 Firmware, Sg250x 48p Firmware, Sg250 08 Firmware, Sg250 08hp Firmware, Sg250 10p Firmware, Sg250 18 Firmware, Sg250 26 Firmware, Sg250 26hp Firmware, Sg250 26p Firmware, Sg250 50 Firmware, Sg250 50hp Firmware, Sg250 50p Firmware, Sg250 24 Firmware, Sg250 24p Firmware, Sg250 48 Firmware, Sg250 48hp Firmware, Sf350 48 Firmware, Sf350 48p Firmware, Sf350 48mp Firmware, Sg350 10 Firmware, Sg350 10p Firmware, Sg350 10mp Firmware, Sg355 10mp Firmware, Sg350 28 Firmware, Sg350 28p Firmware, Sg350 28mp Firmware, Sx550x 16ft Firmware, Sx550x 12ft Firmware, Sx550x 24ft Firmware, Sx550x 24 Firmware, Sx550x 52 Firmware, Sg550x 24 Firmware, Sg550x 24p Firmware, Sg550x 24mp Firmware, Sg550x 24mpp Firmware, Sg550x 48 Firmware, Sg550x 48p Firmware, Sg550x 48mp Firmware, Sf550x 24 Firmware, Sf550x 24p Firmware, Sf550x 48 Firmware, Sf550x 48p Firmware, Sf550x 48mp Firmware
Cisco
45 products
Sg250x 24 Firmware
Sg250x 24p Firmware
Sg250x 48 Firmware
Sg250x 48p Firmware
Sg250 08 Firmware
Sg250 08hp Firmware
Sg250 10p Firmware
Sg250 18 Firmware
Sg250 26 Firmware
Sg250 26hp Firmware
Sg250 26p Firmware
Sg250 50 Firmware
Sg250 50hp Firmware
Sg250 50p Firmware
Sg250 24 Firmware
Sg250 24p Firmware
Sg250 48 Firmware
Sg250 48hp Firmware
Sf350 48 Firmware
Sf350 48p Firmware
Sf350 48mp Firmware
Sg350 10 Firmware
Sg350 10p Firmware
Sg350 10mp Firmware
Sg355 10mp Firmware
Sg350 28 Firmware
Sg350 28p Firmware
Sg350 28mp Firmware
Sx550x 16ft Firmware
Sx550x 12ft Firmware
Sx550x 24ft Firmware
Sx550x 24 Firmware
Sx550x 52 Firmware
Sg550x 24 Firmware
Sg550x 24p Firmware
Sg550x 24mp Firmware
Sg550x 24mpp Firmware
Sg550x 48 Firmware
Sg550x 48p Firmware
Sg550x 48mp Firmware
Sf550x 24 Firmware
Sf550x 24p Firmware
Sf550x 48 Firmware
Sf550x 48p Firmware
Sf550x 48mp Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250x 24 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250x 24
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250x 24p Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250x 24p
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250x 48 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250x 48
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250x 48p Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250x 48p
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250 08 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250 08
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250 08hp Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250 08hp
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250 10p Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250 10p
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250 18 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250 18
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250 26 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250 26
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250 26hp Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250 26hp
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250 26p Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250 26p
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250 50 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250 50
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250 50hp Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250 50hp
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250 50p Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250 50p
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250 24 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250 24
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250 24p Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250 24p
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250 48 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250 48
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg250 48hp Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg250 48hp
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf350 48 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sf350 48
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf350 48p Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sf350 48p
All versions
Configuration U
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf350 48mp Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sf350 48mp
All versions
Configuration V
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg350 10 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg350 10
All versions
Configuration W
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg350 10p Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg350 10p
All versions
Configuration X
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg350 10mp Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg350 10mp
All versions
Configuration Y
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg355 10mp Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg355 10mp
All versions
Configuration Z
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg350 28 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg350 28
All versions
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg350 28p Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg350 28p
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg350 28mp Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg350 28mp
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sx550x 16ft Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sx550x 16ft
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sx550x 12ft Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sx550x 12ft
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sx550x 24ft Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sx550x 24ft
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sx550x 24 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sx550x 24
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sx550x 52 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sx550x 52
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg550x 24 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg550x 24
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg550x 24p Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg550x 24p
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg550x 24mp Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg550x 24mp
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg550x 24mpp Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg550x 24mpp
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg550x 48 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg550x 48
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg550x 48p Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg550x 48p
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sg550x 48mp Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sg550x 48mp
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf550x 24 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sf550x 24
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf550x 24p Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sf550x 24p
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf550x 48 Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sf550x 48
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf550x 48p Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sf550x 48p
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sf550x 48mp Firmware
Up to 2.5.0.90
Running on/withPlatform Versions
Cisco
Sf550x 48mp
All versions

Related CWEs

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (2)

Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.