Vulnerability Description
The Cisco Small Business 200 Series Smart Switch 1.2.7.76 and earlier, Small Business 300 Series Managed Switch 1.2.7.76 and earlier, and Small Business 500 Series Stackable Managed Switch 1.2.7.76 and earlier allow remote attackers to cause a denial of service (SSL/TLS layer outage) via malformed (1) SSH or (2) SSL packets, aka Bug ID CSCua30246.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | 200 Series Smart Switches Software | <= 1.2.7.76 |
| Cisco | 200 Series Smart Switches | sf200-24 |
| Cisco | 300 Series Managed Switches | sf300-08 |
| Cisco | 500 Series Stackable Managed Switches | sf500-24 |
Related Weaknesses (CWE)
References
- http://jvn.jp/en/jp/JVN05132866/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2013-000017
- http://tools.cisco.com/security/center/viewAlert.x?alertId=27502Vendor Advisory
- http://jvn.jp/en/jp/JVN05132866/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2013-000017
- http://tools.cisco.com/security/center/viewAlert.x?alertId=27502Vendor Advisory
FAQ
What is CVE-2013-1154?
CVE-2013-1154 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The Cisco Small Business 200 Series Smart Switch 1.2.7.76 and earlier, Small Business 300 Series Managed Switch 1.2.7.76 and earlier, and Small Business 500 Series Stackable Managed Switch 1.2.7.76 an...
How severe is CVE-2013-1154?
CVE-2013-1154 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-1154?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco 200 Series Smart Switches Software, Cisco 200 Series Smart Switches, Cisco 300 Series Managed Switches, Cisco 500 Series Stackable Managed Switches.