medium
6.8
CWE
119
Advisory Published
Updated

CVE-2017-6720: Buffer Overflow

First published: Thu Sep 21 2017(Updated: )

A vulnerability in the Secure Shell (SSH) subsystem of Cisco Small Business Managed Switches software could allow an authenticated, remote attacker to cause a reload of the affected switch, resulting in a denial of service (DoS) condition. The vulnerability is due to improper processing of SSH connections. An attacker could exploit this vulnerability by logging in to an affected switch via SSH and sending a malicious SSH message. This vulnerability affects the following Cisco products when SSH is enabled: Small Business 300 Series Managed Switches, Small Business 500 Series Stackable Managed Switches, 350 Series Managed Switches, 350X Series Stackable Managed Switches, 550X Series Stackable Managed Switches, ESW2 Series Advanced Switches. Cisco Bug IDs: CSCvb48377.

Credit: ykramarz@cisco.com

Affected SoftwareAffected VersionHow to fix
Cisco Sf302-08pp Firmware<1.4.8.06
Cisco Sf302-08pp
Cisco Sf302-08mpp Firmware<1.4.8.06
Cisco Sf302-08mpp
Cisco Sg300-10pp Firmware<1.4.8.06
Cisco Sg300-10pp
Cisco Sg300-10mpp Firmware<1.4.8.06
Cisco Sg300-10mpp
Cisco Sf300-24pp Firmware<1.4.8.06
Cisco Sf300-24pp
Cisco Sf300-48pp Firmware<1.4.8.06
Cisco Sf300-48pp
Cisco Sg300-28pp Firmware<1.4.8.06
Cisco Sg300-28pp
Cisco Sf300-08 Firmware<1.4.8.06
Cisco Sf300-08
Cisco Sf300-48p Firmware<1.4.8.06
Cisco Sf300-48p
Cisco Sg300-10mp Firmware<1.4.8.06
Cisco Sg300-10mp
Cisco Sg300-10p Firmware<1.4.8.06
Cisco Sg300-10p
Cisco Sg300-10 Firmware<1.4.8.06
Cisco Sg300-10
Cisco Sg300-28p Firmware<1.4.8.06
Cisco Sg300-28p
Cisco Sf300-24p Firmware<1.4.8.06
Cisco Sf300-24p
Cisco Sf302-08mp Firmware<1.4.8.06
Cisco Sf302-08mp
Cisco Sg300-28 Firmware<1.4.8.06
Cisco Sg300-28
Cisco Sf300-48 Firmware<1.4.8.06
Cisco Sf300-48
Cisco Sg300-20 Firmware<1.4.8.06
Cisco Sg300-20
Cisco Sf302-08p Firmware<1.4.8.06
Cisco Sf302-08p
Cisco Sg300-52 Firmware<1.4.8.06
Cisco Sg300-52
Cisco Sf300-24 Firmware<1.4.8.06
Cisco Sf300-24
Cisco Sf302-08 Firmware<1.4.8.06
Cisco Sf302-08
Cisco Sf300-24mp Firmware<1.4.8.06
Cisco Sf300-24mp
Cisco Sg300-10sfp Firmware<1.4.8.06
Cisco Sg300-10sfp
Cisco Sg300-28mp Firmware<1.4.8.06
Cisco Sg300-28mp
Cisco Sg300-52p Firmware<1.4.8.06
Cisco Sg300-52p
Cisco Sg300-52mp Firmware<1.4.8.06
Cisco Sg300-52mp
Cisco Sg500-28mpp Firmware<1.4.8.06
Cisco Sg500-28mpp
Cisco Sg500-52mp Firmware<1.4.8.06
Cisco Sg500-52mp
Cisco Sg500xg-8f8t Firmware<1.4.8.06
Cisco Sg500xg-8f8t
Cisco Sf500-24 Firmware<1.4.8.06
Cisco Sf500-24
Cisco Sf500-24p Firmware<1.4.8.06
Cisco Sf500-24p
Cisco Sf500-48 Firmware<1.4.8.06
Cisco Sf500-48
Cisco Sf500-48p Firmware<1.4.8.06
Cisco Sf500-48p
Cisco Sg500-28 Firmware<1.4.8.06
Cisco Sg500-28
Cisco Sg500-28p Firmware<1.4.8.06
Cisco Sg500-28p
Cisco Sg500-52 Firmware<1.4.8.06
Cisco Sg500-52
Cisco Sg500-52p Firmware<1.4.8.06
Cisco Sg500-52p
Cisco Sg500x-24 Firmware<1.4.8.06
Cisco Sg500x-24
Cisco Sg500x-24p Firmware<1.4.8.06
Cisco Sg500x-24p
Cisco Sg500x-48 Firmware<1.4.8.06
Cisco Sg500x-48
Cisco Sg500x-48p Firmware<1.4.8.06
Cisco Sg500x-48p
Cisco Esw2-350g-52 Firmware<1.4.8.06
Cisco Esw2-350g-52
Cisco Esw2-350g-52dc Firmware<1.4.8.06
Cisco Esw2-350g-52dc
Cisco Esw2-550x-48 Firmware<1.4.8.06
Cisco Esw2-550x-48
Cisco Esw2-550x-48dc Firmware<1.4.8.06
Cisco Esw2-550x-48dc
Cisco Sg350-10 Firmware<2.3.0.130
Cisco Sg350-10
Cisco Sg350-10p Firmware<2.3.0.130
Cisco Sg350-10p
Cisco Sg350-10mp Firmware<2.3.0.130
Cisco Sg350-10mp
Cisco Sg355-10p Firmware<2.3.0.130
Cisco Sg355-10p
Cisco Sg350-28 Firmware<2.3.0.130
Cisco Sg350-28
Cisco Sg350-28p Firmware<2.3.0.130
Cisco Sg350-28p
Cisco Sg350-28mp Firmware<2.3.0.130
Cisco Sg350-28mp
Cisco Sf350-48 Firmware<2.3.0.130
Cisco Sf350-48
Cisco Sf350-48p Firmware<2.3.0.130
Cisco Sf350-48p
Cisco Sf350-48mp Firmware<2.3.0.130
Cisco Sf350-48mp
Cisco Sg350xg-2f10 Firmware<2.3.0.130
Cisco Sg350xg-2f10
Cisco Sg350xg-24f Firmware<2.3.0.130
Cisco Sg350xg-24f
Cisco Sg350xg-24t Firmware<2.3.0.130
Cisco Sg350xg-24t
Cisco Sg350xg-48t Firmware<2.3.0.130
Cisco Sg350xg-48t
Cisco Sg350x-24 Firmware<2.3.0.130
Cisco Sg350x-24
Cisco Sg350x-24p Firmware<2.3.0.130
Cisco Sg350x-24p
Cisco Sg350x-24mp Firmware<2.3.0.130
Cisco Sg350x-24mp
Cisco Sg350x-48 Firmware<2.3.0.130
Cisco Sg350x-48
Cisco Sg350x-48p Firmware<2.3.0.130
Cisco Sg350x-48p
Cisco Sg350x-48mp Firmware<2.3.0.130
Cisco Sg350x-48mp
Cisco Sx550x-16ft Firmware<2.3.0.130
Cisco Sx550x-16ft
Cisco Sx550x-24ft Firmware<2.3.0.130
Cisco Sx550x-24ft
Cisco Sx550x-12f Firmware<2.3.0.130
Cisco Sx550x-12f
Cisco Sx550x-24f Firmware<2.3.0.130
Cisco Sx550x-24f
Cisco Sx550x-24 Firmware<2.3.0.130
Cisco Sx550x-24
Cisco Sx550x-52 Firmware<2.3.0.130
Cisco Sx550x-52
Cisco Sg550x-24 Firmware<2.3.0.130
Cisco Sg550x-24
Cisco Sg550x-24p Firmware<2.3.0.130
Cisco Sg550x-24p
Cisco Sg550x-24mp Firmware<2.3.0.130
Cisco Sg550x-24mp
Cisco Sg550x-24mpp Firmware<2.3.0.130
Cisco Sg550x-24mpp
Cisco Sg550x-48 Firmware<2.3.0.130
Cisco Sg550x-48
Cisco Sg550x-48p Firmware<2.3.0.130
Cisco Sg550x-48p
Cisco Sg550x-48mp Firmware<2.3.0.130
Cisco Sg550x-48mp
Cisco Sf550x-24 Firmware<2.3.0.130
Cisco Sf550x-24
Cisco Sf550x-24p Firmware<2.3.0.130
Cisco Sf550x-24p
Cisco Sf550x-24mp Firmware<2.3.0.130
Cisco Sf550x-24mp
Cisco Sf550x-48 Firmware<2.3.0.130
Cisco Sf550x-48
Cisco Sf550x-48p Firmware<2.3.0.130
Cisco Sf550x-48p
Cisco Sf550x-48mp Firmware<2.3.0.130
Cisco Sf550x-48mp

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203