CVE-2019-15993— Cisco Small Business Switches Information Disclosure Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-15993
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Small Business Switches Information Disclosure Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information. The vulnerability exists because the software lacks proper authentication controls to information accessible from the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web UI of an affected device. A successful exploit could allow the attacker to access sensitive device information, which includes configuration files.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
配置
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Cisco产品授权问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Small Business 500 Series Managed Switches是美国思科(Cisco)公司的一款500系列管理型交换机。 多款Cisco产品中的Web UI存在授权问题漏洞,该漏洞源于程序没有对该界面可访问到的信息进行正确的身份验证控制。远程攻击者可通过发送恶意的HTTP请求利用该漏洞访问敏感的设备信息,包括配置文件。以下产品及版本受到影响:250 Series Smart Switches 2.5.0.92之前版本;350 Series Managed Switches
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Cisco | Cisco Small Business 250 Series Smart Switches Software | n/a | - |
II. Public POCs for CVE-2019-15993
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-15993
请登录查看更多情报信息。
Same Patch Batch · Cisco · 2020-09-23 · 34 CVEs total
| CVE-2020-3569 | 8.6 HIGH | Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities |
| CVE-2019-16023 | Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities | |
| CVE-2019-16021 | Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities | |
| CVE-2019-16025 | Cisco Emergency Responder Stored Cross-Site Scripting Vulnerability | |
| CVE-2019-16028 | Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Byp | |
| CVE-2019-1736 | Multiple Cisco UCS-Based Products UEFI Secure Boot Bypass Vulnerability | |
| CVE-2019-1888 | Cisco Unified Contact Center Express Privilege Escalation Vulnerability | |
| CVE-2019-1947 | Cisco Email Security Appliance Denial of Service Vulnerability | |
| CVE-2019-1983 | Cisco Email Security Appliance and Cisco Content Security Management Appliance Denial of S | |
| CVE-2020-3116 | Cisco Webex Centers Denial of Service Vulnerability | |
| CVE-2020-3117 | Cisco Web Security Appliance and Cisco Content Security Management Appliance HTTP Header I | |
| CVE-2020-3124 | Cisco Hosted Collaboration Mediation Fulfillment Cross-Site Request Forgery Vulnerability | |
| CVE-2020-3130 | Cisco Unity Connection Directory Traversal Vulnerability | |
| CVE-2020-3133 | Cisco Email Security Appliance Content Filter Bypass Vulnerability | |
| CVE-2020-3135 | Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability | |
| CVE-2020-3137 | Cisco Email Security Appliance Cross-Site Scripting Vulnerability | |
| CVE-2020-3143 | Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Tr | |
| CVE-2019-15283 | Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulne | |
| CVE-2019-16019 | Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities | |
| CVE-2019-16017 | Cisco Unified Customer Voice Portal Insecure Direct Object Reference Vulnerability |
Showing top 20 of 34 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
V. Comments for CVE-2019-15993
No comments yet