VDB

CVE-2019-1891

CVE-2019-1891 PUBLISHED CVSS 7.5 HIGH

A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this vulnerability by sending a malicious request to the web interface of an affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.

EPSS 0.65% · 71.3th percentile

Risk Scores

CVSS 3.0
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.65%
71.3th percentile

Affected Products

VendorProductVersions
ciscosg500xg8f8t_firmware0
ciscosg300-10pp_firmware0
ciscosf200-48p_firmware0
ciscosg200-50_firmware0
ciscosg300-10p_firmware0
ciscosg300-28sfp_firmware0
ciscosg300-10mp_firmware0
ciscosg300-52mp_firmware0
ciscosf300-08_firmware0
ciscosf300-24_firmware0
ciscosg300-28mp_firmware0
ciscosf500-24_firmware0
ciscosf302-08pp_firmware0
ciscosf300-24p_firmware0
ciscosf302-08_firmware0
ciscosf300-48pp_firmware0
ciscosf500-24p_firmware0
ciscosf500-48p_firmware0
ciscosg500x-48_firmware0
ciscosf302-08mpp_firmware0

…and 38 more

Exploit Intelligence

Timeline

  • Jul 3, 2019 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›