CVE-2016-1299
First published: Wed Jan 27 2016(Updated: )
The web-management GUI implementation on Cisco Small Business SG300 devices 1.4.1.x allows remote attackers to cause a denial of service (HTTPS outage) via crafted HTTPS requests, aka Bug ID CSCuw87174.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Small Business 300 Series Managed Switches | =1.4.1 | |
| Cisco SF300-08 Firmware | ||
| Cisco SF300-24 Firmware | ||
| Cisco SF300-24MP | ||
| Cisco SF300-24P Firmware | ||
| Cisco SF300-24PP Firmware | ||
| Cisco SF300-48P | ||
| Cisco SF300-48P Firmware | ||
| Cisco SF300-48PP Firmware | ||
| Cisco SF302-08 Firmware | ||
| Cisco SF302-08 | ||
| Cisco SF302-08 | ||
| Cisco SF302-08 | ||
| Cisco SF302-08 | ||
| Cisco SG300-10 Firmware | ||
| Cisco SG300-10MP Firmware | ||
| Cisco SG300-10MPP Firmware | ||
| Cisco SG300-10P Firmware | ||
| Cisco SG300-10PP Firmware | ||
| Cisco SG300-10SFP Firmware | ||
| Cisco SG300-20 Firmware | ||
| Cisco SG300-28 Firmware | ||
| Cisco SG300-28MP | ||
| Cisco SG300-28P | ||
| Cisco SG300-28PP Firmware | ||
| Cisco SG300-52P | ||
| Cisco SG300-52MP Firmware | ||
| Cisco SG300-52P Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-1299?
CVE-2016-1299 has been rated as a high-severity vulnerability due to its potential to cause a denial of service.
How do I fix CVE-2016-1299?
To fix CVE-2016-1299, upgrade the firmware of affected Cisco Small Business SG300 devices to the latest version.
Can CVE-2016-1299 be exploited remotely?
Yes, CVE-2016-1299 can be exploited remotely through crafted HTTPS requests.
Which devices are affected by CVE-2016-1299?
CVE-2016-1299 specifically affects Cisco Small Business SG300 devices running firmware version 1.4.1.x.
What is the impact of CVE-2016-1299?
The main impact of CVE-2016-1299 is a denial of service, resulting in an outage of HTTPS services.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco small business 300 series managed switches
- version/cisco small business 300 series managed switches/1.4.1
- canonical/cisco sf300-08 firmware
- canonical/cisco sf300-24 firmware
- canonical/cisco sf300-24mp
- canonical/cisco sf300-24p firmware
- canonical/cisco sf300-24pp firmware
- canonical/cisco sf300-48p
- canonical/cisco sf300-48p firmware
- canonical/cisco sf300-48pp firmware
- canonical/cisco sf302-08 firmware
- canonical/cisco sf302-08
- canonical/cisco sg300-10 firmware
- canonical/cisco sg300-10mp firmware
- canonical/cisco sg300-10mpp firmware
- canonical/cisco sg300-10p firmware
- canonical/cisco sg300-10pp firmware
- canonical/cisco sg300-10sfp firmware
- canonical/cisco sg300-20 firmware
- canonical/cisco sg300-28 firmware
- canonical/cisco sg300-28mp
- canonical/cisco sg300-28p
- canonical/cisco sg300-28pp firmware
- canonical/cisco sg300-52p
- canonical/cisco sg300-52mp firmware
- canonical/cisco sg300-52p firmware