A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the targeted user. If the user has administrative privileges, the attacker could alter the configuration, execute commands, or cause a denial of service (DoS) condition on an affected device.

Project Subscriptions

Vendors Products
Sf200-24 Subscribe
Sf200-24 Firmware Subscribe
Sf200-24fp Subscribe
Sf200-24fp Firmware Subscribe
Sf200-24p Subscribe
Sf200-24p Firmware Subscribe
Sf200-48 Subscribe
Sf200-48 Firmware Subscribe
Sf200-48p Subscribe
Sf200-48p Firmware Subscribe
Sf200e-24 Subscribe
Sf200e-24 Firmware Subscribe
Sf200e-24p Subscribe
Sf200e-24p Firmware Subscribe
Sf200e-48 Subscribe
Sf200e-48 Firmware Subscribe
Sf200e48p Subscribe
Sf200e48p Firmware Subscribe
Sf250-08 Subscribe
Sf250-08 Firmware Subscribe
Sf250-08hp Subscribe
Sf250-08hp Firmware Subscribe
Sf250-10p Subscribe
Sf250-10p Firmware Subscribe
Sf250-18 Subscribe
Sf250-18 Firmware Subscribe
Sf250-24 Subscribe
Sf250-24 Firmware Subscribe
Sf250-24p Subscribe
Sf250-24p Firmware Subscribe
Sf250-26 Subscribe
Sf250-26 Firmware Subscribe
Sf250-26hp Subscribe
Sf250-26hp Firmware Subscribe
Sf250-26p Subscribe
Sf250-26p Firmware Subscribe
Sf250-48 Subscribe
Sf250-48 Firmware Subscribe
Sf250-48hp Subscribe
Sf250-48hp Firmware Subscribe
Sf250-50 Subscribe
Sf250-50 Firmware Subscribe
Sf250-50hp Subscribe
Sf250-50hp Firmware Subscribe
Sf250-50p Subscribe
Sf250-50p Firmware Subscribe
Sf250x-24 Subscribe
Sf250x-24 Firmware Subscribe
Sf250x-24p Subscribe
Sf250x-24p Firmware Subscribe
Sf250x-48 Subscribe
Sf250x-48 Firmware Subscribe
Sf250x-48p Subscribe
Sf250x-48p Firmware Subscribe
Sf300-08 Subscribe
Sf300-08 Firmware Subscribe
Sf300-24 Subscribe
Sf300-24 Firmware Subscribe
Sf300-24mp Subscribe
Sf300-24mp Firmware Subscribe
Sf300-24p Subscribe
Sf300-24p Firmware Subscribe
Sf300-24pp Subscribe
Sf300-24pp Firmware Subscribe
Sf300-48 Subscribe
Sf300-48 Firmware Subscribe
Sf300-48p Subscribe
Sf300-48p Firmware Subscribe
Sf300-48pp Subscribe
Sf300-48pp Firmware Subscribe
Sf302-08 Subscribe
Sf302-08 Firmware Subscribe
Sf302-08mp Subscribe
Sf302-08mp Firmware Subscribe
Sf302-08mpp Subscribe
Sf302-08mpp Firmware Subscribe
Sf302-08p Subscribe
Sf302-08p Firmware Subscribe
Sf302-08pp Subscribe
Sf302-08pp Firmware Subscribe
Sf350-48 Subscribe
Sf350-48 Firmware Subscribe
Sf350-48mp Subscribe
Sf350-48mp Firmware Subscribe
Sf350-48p Subscribe
Sf350-48p Firmware Subscribe
Sf500-24 Subscribe
Sf500-24 Firmware Subscribe
Sf500-24p Subscribe
Sf500-24p Firmware Subscribe
Sf500-48 Subscribe
Sf500-48 Firmware Subscribe
Sf500-48p Subscribe
Sf500-48p Firmware Subscribe
Sf550x-24 Subscribe
Sf550x-24 Firmware Subscribe
Sf550x-24mp Subscribe
Sf550x-24mp Firmware Subscribe
Sf550x-24p Subscribe
Sf550x-24p Firmware Subscribe
Sf550x-48 Subscribe
Sf550x-48 Firmware Subscribe
Sf550x-48mp Subscribe
Sf550x-48mp Firmware Subscribe
Sf550x-48p Subscribe
Sf550x-48p Firmware Subscribe
Sg200-08 Subscribe
Sg200-08 Firmware Subscribe
Sg200-08p Subscribe
Sg200-08p Firmware Subscribe
Sg200-10fp Subscribe
Sg200-10fp Firmware Subscribe
Sg200-18 Subscribe
Sg200-18 Firmware Subscribe
Sg200-26 Subscribe
Sg200-26 Firmware Subscribe
Sg200-26fp Subscribe
Sg200-26fp Firmware Subscribe
Sg200-26p Subscribe
Sg200-26p Firmware Subscribe
Sg200-50 Subscribe
Sg200-50 Firmware Subscribe
Sg200-50fp Subscribe
Sg200-50fp Firmware Subscribe
Sg200-50p Subscribe
Sg200-50p Firmware Subscribe
Sg300-10 Subscribe
Sg300-10 Firmware Subscribe
Sg300-10mp Subscribe
Sg300-10mp Firmware Subscribe
Sg300-10mpp Subscribe
Sg300-10mpp Firmware Subscribe
Sg300-10p Subscribe
Sg300-10p Firmware Subscribe
Sg300-10pp Subscribe
Sg300-10pp Firmware Subscribe
Sg300-10sfp Subscribe
Sg300-10sfp Firmware Subscribe
Sg300-20 Subscribe
Sg300-20 Firmware Subscribe
Sg300-28 Subscribe
Sg300-28 Firmware Subscribe
Sg300-28mp Subscribe
Sg300-28mp Firmware Subscribe
Sg300-28p Subscribe
Sg300-28p Firmware Subscribe
Sg300-28pp Subscribe
Sg300-28pp Firmware Subscribe
Sg300-52 Subscribe
Sg300-52 Firmware Subscribe
Sg300-52mp Subscribe
Sg300-52mp Firmware Subscribe
Sg300-52p Subscribe
Sg300-52p Firmware Subscribe
Sg350-10 Subscribe
Sg350-10 Firmware Subscribe
Sg350-10mp Subscribe
Sg350-10mp Firmware Subscribe
Sg350-10p Subscribe
Sg350-10p Firmware Subscribe
Sg350-28 Subscribe
Sg350-28 Firmware Subscribe
Sg350-28mp Subscribe
Sg350-28mp Firmware Subscribe
Sg350-28p Subscribe
Sg350-28p Firmware Subscribe
Sg355-10p Subscribe
Sg355-10p Firmware Subscribe
Sg500-28 Subscribe
Sg500-28 Firmware Subscribe
Sg500-28mpp Subscribe
Sg500-28mpp Firmware Subscribe
Sg500-28p Subscribe
Sg500-28p Firmware Subscribe
Sg500-52 Subscribe
Sg500-52 Firmware Subscribe
Sg500-52mp Subscribe
Sg500-52mp Firmware Subscribe
Sg500-52p Subscribe
Sg500-52p Firmware Subscribe
Sg500x-24 Subscribe
Sg500x-24 Firmware Subscribe
Sg500x-24p Subscribe
Sg500x-24p Firmware Subscribe
Sg500x-48 Subscribe
Sg500x-48 Firmware Subscribe
Sg500x-48p Subscribe
Sg500x-48p Firmware Subscribe
Sg500xg-8f8t Subscribe
Sg500xg-8f8t Firmware Subscribe
Sg550x-24 Subscribe
Sg550x-24 Firmware Subscribe
Sg550x-24mp Subscribe
Sg550x-24mp Firmware Subscribe
Sg550x-24mpp Subscribe
Sg550x-24mpp Firmware Subscribe
Sg550x-24p Subscribe
Sg550x-24p Firmware Subscribe
Sg550x-48 Subscribe
Sg550x-48 Firmware Subscribe
Sg550x-48mp Subscribe
Sg550x-48mp Firmware Subscribe
Sg550x-48p Subscribe
Sg550x-48p Firmware Subscribe
Sx550x-12f Subscribe
Sx550x-12f Firmware Subscribe
Sx550x-16ft Subscribe
Sx550x-16ft Firmware Subscribe
Sx550x-24 Subscribe
Sx550x-24 Firmware Subscribe
Sx550x-24f Subscribe
Sx550x-24f Firmware Subscribe
Sx550x-24ft Subscribe
Sx550x-24ft Firmware Subscribe
Sx550x-52 Subscribe
Sx550x-52 Firmware Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2019-4227 A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the targeted user. If the user has administrative privileges, the attacker could alter the configuration, execute commands, or cause a denial of service (DoS) condition on an affected device.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 21 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2024-11-21T19:09:59.032Z

Reserved: 2019-06-04T00:00:00.000Z

Link: CVE-2019-12636

cve-icon Vulnrichment

Updated: 2024-08-04T23:24:39.194Z

cve-icon NVD

Status : Modified

Published: 2019-10-16T19:15:10.987

Modified: 2024-11-21T04:23:14.233

Link: CVE-2019-12636

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses