First published: Wed Jul 17 2019(Updated: )
A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a user's HTTP request and modifying it into a request that causes the web interface to redirect the user to a specific malicious URL. This type of vulnerability is known as an open redirect attack and is used in phishing attacks that get users to unknowingly visit malicious sites.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Sg200-50 Firmware | ||
Cisco Sg200-50 | ||
Cisco Sg200-50p Firmware | ||
Cisco Sg200-50p | ||
Cisco Sg200-50fp Firmware | ||
Cisco Sg200-50fp | ||
Cisco Sg200-26 Firmware | ||
Cisco Sg200-26 | ||
Cisco Sg200-26p Firmware | ||
Cisco Sg200-26p | ||
Cisco Sg200-26fp Firmware | ||
Cisco Sg200-26fp | ||
Cisco Sg200-18 Firmware | ||
Cisco Sg200-18 | ||
Cisco Sg200-10fp Firmware | ||
Cisco Sg200-10fp | ||
Cisco Sg200-08 Firmware | ||
Cisco Sg200-08 | ||
Cisco Sg200-08p Firmware | ||
Cisco Sg200-08p | ||
Cisco Sf200-24 Firmware | ||
Cisco Sf200-24 | ||
Cisco Sf200-24p Firmware | ||
Cisco Sf200-24p | ||
Cisco Sf200-24fp Firmware | ||
Cisco Sf200-24fp | ||
Cisco Sf200-48 Firmware | ||
Cisco Sf200-48 | ||
Cisco Sf200-48p Firmware | ||
Cisco Sf200-48p | ||
Cisco Sf302-08pp Firmware | =1.3.7.18 | |
Cisco Sf302-08pp | ||
Cisco Sf302-08mpp Firmware | =1.3.7.18 | |
Cisco Sf302-08mpp | ||
Cisco Sg300-10pp Firmware | =1.3.7.18 | |
Cisco Sg300-10pp | ||
Cisco Sg300-10mpp Firmware | =1.3.7.18 | |
Cisco Sg300-10mpp | ||
Cisco Sf300-24pp Firmware | =1.3.7.18 | |
Cisco Sf300-24pp | ||
Cisco Sf300-48pp Firmware | =1.3.7.18 | |
Cisco Sf300-48pp | ||
Cisco Sg300-28pp Firmware | =1.3.7.18 | |
Cisco Sg300-28pp | ||
Cisco Sf300-08 Firmware | =1.3.7.18 | |
Cisco Sf300-08 | ||
Cisco Sf300-48p Firmware | =1.3.7.18 | |
Cisco Sf300-48p | ||
Cisco Sg300-10mp Firmware | =1.3.7.18 | |
Cisco Sg300-10mp | ||
Cisco Sg300-10p Firmware | =1.3.7.18 | |
Cisco Sg300-10p | ||
Cisco Sg300-10 Firmware | =1.3.7.18 | |
Cisco Sg300-10 | ||
Cisco Sg300-28p Firmware | =1.3.7.18 | |
Cisco Sg300-28p | ||
Cisco Sf300-24p Firmware | =1.3.7.18 | |
Cisco Sf300-24p | ||
Cisco Sf302-08mp Firmware | =1.3.7.18 | |
Cisco Sf302-08mp | ||
Cisco Sg300-28 Firmware | =1.3.7.18 | |
Cisco Sg300-28 | ||
Cisco Sf300-48 Firmware | =1.3.7.18 | |
Cisco Sf300-48 | ||
Cisco Sg300-20 Firmware | =1.3.7.18 | |
Cisco Sg300-20 | ||
Cisco Sf302-08p Firmware | =1.3.7.18 | |
Cisco Sf302-08p | ||
Cisco Sg300-52 Firmware | =1.3.7.18 | |
Cisco Sg300-52 | ||
Cisco Sf300-24 Firmware | =1.3.7.18 | |
Cisco Sf300-24 | ||
Cisco Sf302-08 Firmware | =1.3.7.18 | |
Cisco Sf302-08 | ||
Cisco Sf300-24mp Firmware | =1.3.7.18 | |
Cisco Sf300-24mp | ||
Cisco Sg300-10sfp Firmware | =1.3.7.18 | |
Cisco Sg300-10sfp | ||
Cisco Sg300-28mp Firmware | =1.3.7.18 | |
Cisco Sg300-28mp | ||
Cisco Sg300-52p Firmware | =1.3.7.18 | |
Cisco Sg300-52p | ||
Cisco Sg300-52mp Firmware | =1.3.7.18 | |
Cisco Sg300-52mp | ||
Cisco Sg500-28mpp Firmware | ||
Cisco Sg500-28mpp | ||
Cisco Sg500-52mp Firmware | ||
Cisco Sg500-52mp | ||
Cisco Sg500xg-8f8t Firmware | ||
Cisco Sg500xg-8f8t | ||
Cisco Sf500-24 Firmware | ||
Cisco Sf500-24 | ||
Cisco Sf500-24p Firmware | ||
Cisco Sf500-24p | ||
Cisco Sf500-48 Firmware | ||
Cisco Sf500-48 | ||
Cisco Sf500-48p Firmware | ||
Cisco Sf500-48p | ||
Cisco Sg500-28 Firmware | ||
Cisco Sg500-28 | ||
Cisco Sg500-28p Firmware | ||
Cisco Sg500-28p | ||
Cisco Sg500-52 Firmware | ||
Cisco Sg500-52 | ||
Cisco Sg500-52p Firmware | ||
Cisco Sg500-52p | ||
Cisco Sg500x-24 Firmware | ||
Cisco Sg500x-24 | ||
Cisco Sg500x-24p Firmware | ||
Cisco Sg500x-24p | ||
Cisco Sg500x-48 Firmware | ||
Cisco Sg500x-48 | ||
Cisco Sg500x-48p Firmware | ||
Cisco Sg500x-48p |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.