Vulnerabilities > Cisco > Sg550X 24P Firmware

DATE CVE VULNERABILITY TITLE RISK
2018-11-08 CVE-2018-15439 Use of Hard-coded Credentials vulnerability in Cisco products
A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device.
network
low complexity
cisco CWE-798
critical
9.8
2018-01-18 CVE-2017-12308 Unspecified vulnerability in Cisco products
A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack against a user of the web interface of an affected system.
network
low complexity
cisco
6.1
2018-01-18 CVE-2017-12307 Cross-site Scripting vulnerability in Cisco products
A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system.
network
low complexity
cisco CWE-79
6.1
2017-09-21 CVE-2017-6720 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products
A vulnerability in the Secure Shell (SSH) subsystem of Cisco Small Business Managed Switches software could allow an authenticated, remote attacker to cause a reload of the affected switch, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-119
6.5