cisco-sa-smb-switches-tokens-UzwpR4e5: Cisco Small Business Series Switches Session Credentials Replay Vulnerability

First published: Wed Nov 03 2021(Updated: )

A vulnerability in the web-based management interface of multiple Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to replay valid user session credentials and gain unauthorized access to the web-based management interface of an affected device. This vulnerability is due to insufficient expiration of session credentials. An attacker could exploit this vulnerability by conducting a man-in-the-middle attack against an affected device to intercept valid session credentials and then replaying the intercepted credentials toward the same device at a later time. A successful exploit could allow the attacker to access the web-based management interface with administrator privileges. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-switches-tokens-UzwpR4e5

Credit: Ken Pyle Partner Exploit Developer at CYBIR (CYBIR.COM).

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/type
• agent/last-modified-date
• agent/severity
• agent/author
• agent/references
• agent/title
• agent/weakness
• agent/description
• agent/first-publish-date
• agent/event
• agent/source
• agent/softwarecombine
• agent/tags
• collector/cisco-advisory
• source/Cisco
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• vendor/cisco
• canonical/cisco business 250/350 series switches firmware
• version/cisco business 250/350 series switches firmware/2.5 and earlier
• canonical/cisco business 250 series switches