{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sf302-08pp_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "4086928C-5FAA-4666-B196-D01F4DC60995", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sf302-08pp:-:*:*:*:*:*:*:*", "matchCriteriaId": "EFFEF3C3-0C7C-4359-A45F-00152ACAB545", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sf302-08mpp_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "7AD2C77D-0840-44D6-8C10-F98333D54A72", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sf302-08mpp:-:*:*:*:*:*:*:*", "matchCriteriaId": "19890DBE-F1B9-4454-8738-AC2AC6704C75", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sg300-10pp_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "B23DC360-E8CA-4172-9C2C-9C79F778BEE8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sg300-10pp:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F1772C3-48DB-4BEF-9F12-CDCC3BBFA0E1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sg300-10mpp_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "E6C971AD-C4A0-45F2-8A25-E1EBE85E4B92", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sg300-10mpp:-:*:*:*:*:*:*:*", "matchCriteriaId": "AAD7CDE3-7247-4EA9-8A72-7ABC961BD895", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sf300-24pp_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "53647218-5BAD-44FE-BBC6-92B7C210E629", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sf300-24pp:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E7B70CB-9D7A-4637-8A51-634157F7AC85", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sf300-48pp_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "016EB658-23E1-49FB-91F1-1487FED3F050", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sf300-48pp:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5248F85-411D-4ED9-983C-A28A90C8FC70", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sg300-28pp_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "CFD883E1-24F2-4AE6-903A-53C0EC505EF5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sg300-28pp:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD6F6741-AA56-47EA-998C-78FD7F6B01CC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sf300-08_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "D263DAF0-9532-45ED-AD68-8A8F7643A54D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sf300-08:-:*:*:*:*:*:*:*", "matchCriteriaId": "7C96B794-16D3-46FE-8A2B-262BD38994E8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sf300-48p_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "37EE1347-EA34-49F1-8D2D-8D601E4F3604", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sf300-48p:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5307DEF-DCD1-417A-B649-FF4DCE66193E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sg300-10mp_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "160A84A0-9512-44CB-8CF8-84AE179B7D9D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sg300-10mp:-:*:*:*:*:*:*:*", "matchCriteriaId": "95F6D7AC-2ACB-4693-AB8E-C700B99C5BF4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sg300-10p_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "A16F71B7-2F58-4E2D-951F-D3DE33A3608C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sg300-10p:-:*:*:*:*:*:*:*", "matchCriteriaId": "9054C3D1-BA1A-4BAC-8834-88673B804E4E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sg300-10_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "DD2D9C39-8959-421F-B59E-E58004EB0AB4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sg300-10:-:*:*:*:*:*:*:*", "matchCriteriaId": "78B44981-5C59-4328-A7DB-FBF50F9C92C2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sg300-28p_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "F3D2D25C-94A3-437D-883D-8726EE2CDE88", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sg300-28p:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2D5109D-C78B-4362-B000-0AA073FCC843", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sf300-24p_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "1A237D24-4AD9-4DC0-A224-151C7B4EB073", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sf300-24p:-:*:*:*:*:*:*:*", "matchCriteriaId": "71D909B9-5B11-401E-8484-D6CD39D64142", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sf302-08mp_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3779CB09-8250-46AC-9CF1-ED3572998313", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sf302-08mp:-:*:*:*:*:*:*:*", "matchCriteriaId": "8124725E-8340-43BC-BEBB-BC39E3AE7368", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sg300-28_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "FB7C5A7F-3CD8-4B59-B15A-BCB0F6CB7BC0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sg300-28:-:*:*:*:*:*:*:*", "matchCriteriaId": "E74DB8D8-B79B-4DAE-BF88-98C1F518E76D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sf300-48_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0B93DCA7-A8CE-4A18-853E-E2BCB5C80B30", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sf300-48:-:*:*:*:*:*:*:*", "matchCriteriaId": "765DECDB-4234-4444-B78F-01C1DCBAD8FA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sg300-20_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "099DB9BA-04C3-49E6-876B-F13D76015A36", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sg300-20:-:*:*:*:*:*:*:*", "matchCriteriaId": "50A677CE-4360-4780-ABF9-466C45CB19E1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sf302-08p_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "F2A9D62E-0F67-4434-826E-5E12F4AAF029", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sf302-08p:-:*:*:*:*:*:*:*", "matchCriteriaId": "B9C97D56-2E3C-4F36-89E2-BC169AED3CC2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sg300-52_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3C1B10D0-08DD-49B6-ABD5-D53C6D1321B2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sg300-52:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E26EE1D-763F-4893-9997-F4C1CE7A1089", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sf300-24_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "B0E00067-5651-4972-96F3-B88109F62438", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sf300-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "C324F7E3-2088-452F-B049-519A9D25C9B5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sf302-08_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3A4E5C86-DBE6-47D7-853E-67E1C41A8416", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sf302-08:-:*:*:*:*:*:*:*", "matchCriteriaId": "04042998-72B6-4215-9264-CC563E51D9CF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sf300-24mp_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "2DB5AA50-AFD7-4336-BDA2-8BCE638EC700", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sf300-24mp:-:*:*:*:*:*:*:*", "matchCriteriaId": "4882366A-9450-47BE-BE70-CC3A9D2F5275", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sg300-10sfp_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3E3157DF-CC63-44B3-AA95-31360238D232", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sg300-10sfp:-:*:*:*:*:*:*:*", "matchCriteriaId": "B402FBC0-91FC-471D-9D8A-C71F4FECF338", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sg300-28mp_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "65EBA3F8-91FE-4630-8A9D-288C7F9A4D91", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sg300-28mp:-:*:*:*:*:*:*:*", "matchCriteriaId": "2DB2B761-E591-42B6-B62F-63A6D41F4FAC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sg300-52p_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "CF6756C9-E556-4EE8-8889-0C068664B181", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sg300-52p:-:*:*:*:*:*:*:*", "matchCriteriaId": "5E9DF9C4-9D06-4449-8AF0-8322C6B77F6A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sg300-52mp_firmware:1.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "6AA459CA-4D3E-4524-BA33-5D5A32A768E9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sg300-52mp:-:*:*:*:*:*:*:*", "matchCriteriaId": "A4C3B5A2-CAE6-4E75-A1A3-4FCB1C62A7A8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Small Business 300 Series Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected system. The vulnerability exists because the affected management interface performs insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or allow the attacker to access sensitive, browser-based information."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de gesti\u00f3n web de Cisco Small Business 300 Series Managed Switches podr\u00eda permitir que un atacante remoto no autenticado lleve a cabo un ataque de Cross-Site Scripting (XSS) reflejado contra un usuario de la interfaz de un sistema afectado. Esta vulnerabilidad existe porque la interfaz de gesti\u00f3n afectada realiza validaciones insuficientes de la entrada proporcionada por el usuario. Un atacante podr\u00eda explotar esta vulnerabilidad haciendo que un usuario de la interfaz haga clic en un enlace malicioso. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante ejecute c\u00f3digo script arbitrario en el contexto de la interfaz afectada o que acceda a informaci\u00f3n sensible del navegador."}], "id": "CVE-2018-0465", "lastModified": "2024-11-21T03:38:17.337", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "
[email protected]", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "
[email protected]", "type": "Primary"}]}, "published": "2018-10-05T14:29:04.357", "references": [{"source": "
[email protected]", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-300-switch-xss"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-300-switch-xss"}], "sourceIdentifier": "
[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "
[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "
[email protected]", "type": "Primary"}]}