CVE-2019-1943

high-risk

Published 2019-07-17

A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a user's HTTP request and modifying it into a request that causes the web interface to redirect the user to a specific malicious URL. This type of vulnerability is known as an open redirect attack and is used in phishing attacks that get users to unknowingly visit malicious sites.

Do I need to act?

17.8% chance of exploitation in next 30 days

EPSS score — higher than 82% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

1 public exploit available

47118

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 4.7/10 Medium

NETWORK / HIGH complexity

Affected Products (20)

Sg200-50 Firmware

Sg200-50P Firmware

Sg200-50Fp Firmware

Sg200-26 Firmware

Sg200-26P Firmware

Sg200-26Fp Firmware

Sg200-18 Firmware

Sg200-10Fp Firmware

Sg200-08 Firmware

Sg200-08P Firmware

Sf200-24 Firmware

Sf200-24P Firmware

Sf200-24Fp Firmware

Sf200-48 Firmware

Sf200-48P Firmware

Sf302-08Pp Firmware

Sf302-08Mpp Firmware

Sg300-10Pp Firmware

Sg300-10Mpp Firmware

Sf300-24Pp Firmware

Affected Vendors

Cisco

References (4)

Third Party Advisory http://www.securityfocus.com/bid/109288

Vendor Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2...

Third Party Advisory http://www.securityfocus.com/bid/109288

Vendor Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2...

/ 100

high-risk

Severity 15/34 · Moderate

Exploitability 13/34 · Low

Exposure 26/34 · High