CVE-2021-34757 | Severity.io

Description

Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of this advisory.

Related CPE's

business_220-8t-e-2g_firmware

Vulnerable

business_220-8t-e-2g

business_220-8p-e-2g_firmware

Vulnerable

business_220-8p-e-2g

business_220-8fp-e-2g_firmware

Vulnerable

business_220-8fp-e-2g

business_220-16t-2g_firmware

Vulnerable

business_220-16t-2g

business_220-16p-2g_firmware

Vulnerable

business_220-16p-2g

business_220-24t-4g_firmware

Vulnerable

business_220-24t-4g

business_220-24p-4g_firmware

Vulnerable

business_220-24p-4g

business_220-24fp-4g_firmware

Vulnerable

business_220-24fp-4g

business_220-48t-4g_firmware

Vulnerable

business_220-48t-4g

business_220-48p-4g_firmware

Vulnerable

business_220-48p-4g

business_220-24t-4x_firmware

Vulnerable

business_220-24t-4x

business_220-24p-4x_firmware

Vulnerable

business_220-24p-4x

business_220-24fp-4x_firmware

Vulnerable

business_220-24fp-4x

business_220-48t-4x_firmware

Vulnerable

business_220-48t-4x

business_220-48p-4x_firmware

Vulnerable

business_220-48p-4x

business_220-48fp-4x_firmware

Vulnerable

business_220-48fp-4x

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-hardcoded-cred-MJCEXvX

Vendor Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-hardcoded-cred-MJCEXvX

Vendor Advisory

Weaknesses

[email protected]

Secondary

CWE-540

[email protected]

Primary

CWE-798

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

4.9 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2021-10-06T18:15:10.947Z

4 years ago

Last modified

2024-11-21T05:11:07.857Z

1 year ago