Vulnerabilities > Cisco > Sf200E 24 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-11-04 CVE-2021-40127 Improper Input Validation vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed Switches could allow an unauthenticated, remote attacker to render the web-based management interface unusable, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
5.3
2019-10-16 CVE-2019-12718 Cross-site Scripting vulnerability in Cisco products
A vulnerability in the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface.
network
low complexity
cisco CWE-79
6.1