CVE-2016-1303

Published Jan 30, 2016

Last updated 9 years ago

CVSS high 7.5

Overview

Description: The web GUI on Cisco Small Business 500 devices 1.2.0.92 allows remote attackers to cause a denial of service via a crafted HTTP request, aka Bug ID CSCul65330.
Source: ykramarz@cisco.com
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:500_series_switch_firmware:1.2.0.92:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "002EBDD8-54C8-4AAF-BF4A-AA624082B647"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:sf500-24:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3D2ECC9D-B6C6-42B9-82ED-216641C04E5F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:sf500-24p:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F7FB7696-D7CE-428A-B9DB-91F168D541E2"
          },
          {
            "criteria": "cpe:2.3:h:cisco:sf500-48:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A8951DB6-83C0-476F-A257-8870866CDCE3"
          },
          {
            "criteria": "cpe:2.3:h:cisco:sf500-48p:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EB07F4E8-D70B-4475-B402-77AB7A0E55E7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:sg500-28:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "371ED03D-AC1A-41EF-BD95-0FD6E9BACFF4"
          },
          {
            "criteria": "cpe:2.3:h:cisco:sg500-28mpp:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "73FDF244-34DC-448A-B716-896AE74AFBE1"
          },
          {
            "criteria": "cpe:2.3:h:cisco:sg500-28p:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1E0BA61C-8C87-4E8F-A280-7730493D11B6"
          },
          {
            "criteria": "cpe:2.3:h:cisco:sg500-52:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CE1D9990-C936-4D77-964F-E5149CB49940"
          },
          {
            "criteria": "cpe:2.3:h:cisco:sg500-52mp:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2396CE32-6E90-4F1F-AAE2-FADC09EE4699"
          },
          {
            "criteria": "cpe:2.3:h:cisco:sg500-52p:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "32C43BA7-A9F6-4841-8660-C3A1F671C6A0"
          },
          {
            "criteria": "cpe:2.3:h:cisco:sg500x-24:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "83F6D338-DF58-4389-B7A0-C63411BD437B"
          },
          {
            "criteria": "cpe:2.3:h:cisco:sg500x-24p:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2778C8FF-CDE8-46AE-A43F-28267A381D91"
          },
          {
            "criteria": "cpe:2.3:h:cisco:sg500x-48:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2828F297-55B1-472B-9405-79C4A142C54D"
          },
          {
            "criteria": "cpe:2.3:h:cisco:sg500x-48p:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "65774D5F-6443-475C-95C5-8CE338D7FE4E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:sg500xg-8f8t:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4D256913-1A29-47F6-A012-D5371F109366"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References