Cisco Update
2910Warning Date
Severity Level
Warning Number
Target Sector
30 January, 2020
● High
2020-858
All
Description:
Cisco has released security update to address two vulnerabilities in the following product:
- Cisco Small Business Switches - web UI – Affected versions:
- Firmware release earlier than 2.5.0.92:
- 250 Series Smart Switches
- 350 Series Managed Switches
- 350X Series Stackable Managed Switches
- 550X Series Stackable Managed Switches
- Firmware release earlier than 1.4.11.4 or 1.3.7.18:
- 200 Series Smart Switches
- 300 Series Managed Switches
- 500 Series Stackable Managed Switches
Threats:
Remote attacker could exploit these vulnerabilities by doing the following:
- Denial of service (DoS) attack.
- Access sensitive device information.
Best practice and Recommendations:
The CERT team encourages users to update the affected product and to Cisco security advisory: