Vulnerabilities > Cisco > Sg250 08 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-09-23 CVE-2019-15993 Improper Authentication vulnerability in Cisco products
A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information.
network
low complexity
cisco CWE-287
5.3
2020-08-26 CVE-2020-3496 Improper Input Validation vulnerability in Cisco products
A vulnerability in the IPv6 packet processing engine of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-20
5.3
2020-01-26 CVE-2020-3121 Cross-site Scripting vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
cisco CWE-79
6.1