Vulnerabilities > Cisco > Sg350X 48 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2024-01-26 CVE-2024-20263 Unspecified vulnerability in Cisco products
A vulnerability with the access control list (ACL) management within a stacked switch configuration of Cisco Business 250 Series Smart Switches and Business 350 Series Managed Switches could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device.
network
low complexity
cisco
7.2
2023-05-18 CVE-2023-20024 Classic Buffer Overflow vulnerability in Cisco products
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device.
network
low complexity
cisco CWE-120
7.5
2021-11-04 CVE-2021-34739 Insufficient Session Expiration vulnerability in Cisco products
A vulnerability in the web-based management interface of multiple Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to replay valid user session credentials and gain unauthorized access to the web-based management interface of an affected device.
network
high complexity
cisco CWE-613
8.1
2020-08-17 CVE-2020-3363 Improper Input Validation vulnerability in Cisco products
A vulnerability in the IPv6 packet processing engine of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-20
8.6
2019-05-03 CVE-2019-1859 Improper Certificate Validation vulnerability in Cisco products
A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication.
network
low complexity
cisco CWE-295
7.2