Vulnerabilities > Cisco > Sg500Xg 8F8T Firmware > 1.4.8.06
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-23 | CVE-2019-15993 | Improper Authentication vulnerability in Cisco products A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information. | 5.3 |
| 2020-08-26 | CVE-2020-3496 | Improper Input Validation vulnerability in Cisco products A vulnerability in the IPv6 packet processing engine of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 5.3 |
| 2019-10-16 | CVE-2019-12718 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. | 6.1 |
| 2019-10-16 | CVE-2019-12636 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | 8.8 |
| 2019-05-03 | CVE-2019-1859 | Improper Certificate Validation vulnerability in Cisco products A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication. | 7.2 |
| 2018-01-18 | CVE-2017-12308 | Unspecified vulnerability in Cisco products A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack against a user of the web interface of an affected system. | 6.1 |
| 2018-01-18 | CVE-2017-12307 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 6.1 |