Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sf220\-24_firmware
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-06-16 | CVE-2021-1541 | Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting (XSS) attack Conduct an HTML injection attack For more information about these vulnerabilities, see the Details section of this advisory. | Sf220\-24_firmware, Sf220\-24p_firmware, Sf220\-48_firmware, Sf220\-48p_firmware, Sg220\-26_firmware, Sg220\-26p_firmware, Sg220\-28mp_firmware, Sg220\-50_firmware, Sg220\-50p_firmware | 7.2 | ||
| 2021-06-16 | CVE-2021-1542 | Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting (XSS) attack Conduct an HTML injection attack For more information about these vulnerabilities, see the Details section of this advisory. | Sf220\-24_firmware, Sf220\-24p_firmware, Sf220\-48_firmware, Sf220\-48p_firmware, Sg220\-26_firmware, Sg220\-26p_firmware, Sg220\-28mp_firmware, Sg220\-50_firmware, Sg220\-50p_firmware | 8.1 | ||
| 2021-06-16 | CVE-2021-1543 | Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting (XSS) attack Conduct an HTML injection attack For more information about these vulnerabilities, see the Details section of this advisory. | Sf220\-24_firmware, Sf220\-24p_firmware, Sf220\-48_firmware, Sf220\-48p_firmware, Sg220\-26_firmware, Sg220\-26p_firmware, Sg220\-28mp_firmware, Sg220\-50_firmware, Sg220\-50p_firmware | 6.1 | ||
| 2021-06-16 | CVE-2021-1571 | Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting (XSS) attack Conduct an HTML injection attack For more information about these vulnerabilities, see the Details section of this advisory. | Sf220\-24_firmware, Sf220\-24p_firmware, Sf220\-48_firmware, Sf220\-48p_firmware, Sg220\-26_firmware, Sg220\-26p_firmware, Sg220\-28mp_firmware, Sg220\-50_firmware, Sg220\-50p_firmware | 6.1 |