Vulnerability Details : CVE-2013-1154
The Cisco Small Business 200 Series Smart Switch 1.2.7.76 and earlier, Small Business 300 Series Managed Switch 1.2.7.76 and earlier, and Small Business 500 Series Stackable Managed Switch 1.2.7.76 and earlier allow remote attackers to cause a denial of service (SSL/TLS layer outage) via malformed (1) SSH or (2) SSL packets, aka Bug ID CSCua30246.
Vulnerability category: Denial of service
Products affected by CVE-2013-1154
- cpe:2.3:a:cisco:200_series_smart_switches_software:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:200_series_smart_switches:sg200-50p:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:200_series_smart_switches:sf200-24:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:200_series_smart_switches:sg200-26:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:200_series_smart_switches:sg200-50:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:200_series_smart_switches:sf200-24p:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:200_series_smart_switches:sg200-18:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:200_series_smart_switches:sg200-26p:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:200_series_smart_switches:sf200-48:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:200_series_smart_switches:sf200-48p:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:200_series_smart_switches:sg200-08:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:200_series_smart_switches:sg200-08p:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sg300-10sfp:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sf302-08mp:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sf300-24p:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sg300-28:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sg300-52:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sf300-24mp:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sg300-28mp:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sf302-08p:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sf300-24:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sf300-48:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sg300-20:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sg300-28p:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sg300-52p:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sg300-52mp:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sf300-08:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sf302-08:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sf300-48p:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sg300-10:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sg300-10p:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:300_series_managed_switches:sg300-10mp:*:*:*:*:*:*:*When used together with: Cisco » 200 Series Smart Switches Software
- cpe:2.3:h:cisco:500_series_stackable_managed_switches:sf500-24:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:500_series_stackable_managed_switches:sf500-48:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:500_series_stackable_managed_switches:sg500x-24p:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:500_series_stackable_managed_switches:sg500x-48p:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:500_series_stackable_managed_switches:sf500-24p:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:500_series_stackable_managed_switches:sf500-48p:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:500_series_stackable_managed_switches:sg500x-48:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:500_series_stackable_managed_switches:sg500-28:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:500_series_stackable_managed_switches:sg500-28p:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:500_series_stackable_managed_switches:sg500-52:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:500_series_stackable_managed_switches:sg500-52p:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:500_series_stackable_managed_switches:sg500x-24:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-1154
0.56%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 78 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-1154
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2013-1154
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-1154
-
http://tools.cisco.com/security/center/viewAlert.x?alertId=27502
Cisco Small Business Switches SSH Packet Processing Denial of Service VulnerabilityVendor Advisory
-
http://jvn.jp/en/jp/JVN05132866/index.html
JVN#05132866: Multiple Cisco products vulnerable to denial-of-service (DoS)
-
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000017
JVNDB-2013-000017 - JVN iPedia - 脆弱性対策情報データベース
Jump to