CVE-2021-34757: Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities
First published: Wed Oct 06 2021(Updated: )
Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of this advisory.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Business 220-8t-e-2g | <=1.2.0.6 | |
| Cisco Business 220-8t-e-2g Firmware | ||
| Cisco Business 220-8p-e-2g | <=1.2.0.6 | |
| Cisco Business 220-8p-e-2g Firmware | ||
| Cisco Business 220-8fp-e-2g Firmware | <=1.2.0.6 | |
| Cisco Business 220-8fp-e-2g Firmware | ||
| Cisco Business 220-16T-2G Firmware | <=1.2.0.6 | |
| Cisco Business 220-16t-2g Firmware | ||
| Cisco Business 220-16p-2g Firmware | <=1.2.0.6 | |
| Cisco Business 220-16p-2g Firmware | ||
| Cisco Business 220-24t-4g Firmware | <=1.2.0.6 | |
| Cisco Business 220-24t-4g Firmware | ||
| Cisco Business 220-24p-4g Firmware | <=1.2.0.6 | |
| Cisco Business 220-24p-4g Firmware | ||
| Cisco Business 220-24fp-4g Firmware | <=1.2.0.6 | |
| Cisco Business 220-24t-4g Firmware | ||
| Cisco Business 220-48T-4G Firmware | <=1.2.0.6 | |
| Cisco Business 220-48t-4g Firmware | ||
| Cisco Business 220 Series Firmware | <=1.2.0.6 | |
| Cisco Business 220-48p-4g | ||
| Cisco Business 220-24t-4x | <=1.2.0.6 | |
| Cisco Business 220-24t-4x Firmware | ||
| Cisco Business 220-24p-4x | <=1.2.0.6 | |
| Cisco Business 220-24p-4x Firmware | ||
| Cisco Business 220-24fp-4x Firmware | <=1.2.0.6 | |
| Cisco Business 220-24fp-4x Firmware | ||
| Cisco Business 220 Series Firmware | <=1.2.0.6 | |
| Cisco Business 220-48t-4x Firmware | ||
| Cisco Business 220-48p-4x Firmware | <=1.2.0.6 | |
| Cisco Business 220-48p-4x Firmware | ||
| Cisco Business 220-48fp-4x Firmware | <=1.2.0.6 | |
| Cisco Business 220-48fp-4x Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-34757?
CVE-2021-34757 is a vulnerability in Cisco Business 220 Series Smart Switches firmware that allows an attacker with Administrator privileges to access sensitive login credentials or reconfigure user account passwords.
How severe is CVE-2021-34757?
CVE-2021-34757 has a severity rating of 5.5, which is considered medium.
Which software versions are affected by CVE-2021-34757?
Cisco Business 220-8t-e-2g Firmware versions up to and including 1.2.0.6 are affected.
How can I fix CVE-2021-34757?
To fix CVE-2021-34757, Cisco has released a security advisory with instructions. Please refer to the reference link provided for more information.
Where can I find more information about CVE-2021-34757?
You can find more information about CVE-2021-34757 in the Cisco Security Advisory available at the reference link provided.
- agent/weakness
- agent/type
- agent/author
- agent/severity
- agent/title
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco business 220-8t-e-2g
- version/cisco business 220-8t-e-2g/1.2.0.6
- canonical/cisco business 220-8t-e-2g firmware
- canonical/cisco business 220-8p-e-2g
- version/cisco business 220-8p-e-2g/1.2.0.6
- canonical/cisco business 220-8p-e-2g firmware
- canonical/cisco business 220-8fp-e-2g firmware
- version/cisco business 220-8fp-e-2g firmware/1.2.0.6
- canonical/cisco business 220-16t-2g firmware
- version/cisco business 220-16t-2g firmware/1.2.0.6
- canonical/cisco business 220-16p-2g firmware
- version/cisco business 220-16p-2g firmware/1.2.0.6
- canonical/cisco business 220-24t-4g firmware
- version/cisco business 220-24t-4g firmware/1.2.0.6
- canonical/cisco business 220-24p-4g firmware
- version/cisco business 220-24p-4g firmware/1.2.0.6
- canonical/cisco business 220-24fp-4g firmware
- version/cisco business 220-24fp-4g firmware/1.2.0.6
- canonical/cisco business 220-48t-4g firmware
- version/cisco business 220-48t-4g firmware/1.2.0.6
- canonical/cisco business 220 series firmware
- version/cisco business 220 series firmware/1.2.0.6
- canonical/cisco business 220-48p-4g
- canonical/cisco business 220-24t-4x
- version/cisco business 220-24t-4x/1.2.0.6
- canonical/cisco business 220-24t-4x firmware
- canonical/cisco business 220-24p-4x
- version/cisco business 220-24p-4x/1.2.0.6
- canonical/cisco business 220-24p-4x firmware
- canonical/cisco business 220-24fp-4x firmware
- version/cisco business 220-24fp-4x firmware/1.2.0.6
- canonical/cisco business 220-48t-4x firmware
- canonical/cisco business 220-48p-4x firmware
- version/cisco business 220-48p-4x firmware/1.2.0.6
- canonical/cisco business 220-48fp-4x firmware
- version/cisco business 220-48fp-4x firmware/1.2.0.6