CVE-2019-1943
Summary
| CVE | CVE-2019-1943 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-07-17 21:15:00 UTC |
| Updated | 2019-10-09 23:48:00 UTC |
| Description | A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a user's HTTP request and modifying it into a request that causes the web interface to redirect the user to a specific malicious URL. This type of vulnerability is known as an open redirect attack and is used in phishing attacks that get users to unknowingly visit malicious sites. |
Risk And Classification
Problem Types: CWE-601
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Cisco | Sf200-24 | - | All | All | All |
| Hardware | Cisco | Sf200-24 | - | All | All | All |
| Hardware | Cisco | Sf200-24fp | - | All | All | All |
| Hardware | Cisco | Sf200-24fp | - | All | All | All |
| Operating System | Cisco | Sf200-24fp Firmware | - | All | All | All |
| Operating System | Cisco | Sf200-24fp Firmware | - | All | All | All |
| Hardware | Cisco | Sf200-24p | - | All | All | All |
| Hardware | Cisco | Sf200-24p | - | All | All | All |
| Operating System | Cisco | Sf200-24p Firmware | - | All | All | All |
| Operating System | Cisco | Sf200-24p Firmware | - | All | All | All |
| Operating System | Cisco | Sf200-24 Firmware | - | All | All | All |
| Operating System | Cisco | Sf200-24 Firmware | - | All | All | All |
| Hardware | Cisco | Sf200-48 | - | All | All | All |
| Hardware | Cisco | Sf200-48 | - | All | All | All |
| Hardware | Cisco | Sf200-48p | - | All | All | All |
| Hardware | Cisco | Sf200-48p | - | All | All | All |
| Operating System | Cisco | Sf200-48p Firmware | - | All | All | All |
| Operating System | Cisco | Sf200-48p Firmware | - | All | All | All |
| Operating System | Cisco | Sf200-48 Firmware | - | All | All | All |
| Operating System | Cisco | Sf200-48 Firmware | - | All | All | All |
| Hardware | Cisco | Sf300-08 | - | All | All | All |
| Hardware | Cisco | Sf300-08 | - | All | All | All |
| Operating System | Cisco | Sf300-08 Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf300-08 Firmware | 1.3.7.18 | All | All | All |
| Hardware | Cisco | Sf300-24 | - | All | All | All |
| Hardware | Cisco | Sf300-24 | - | All | All | All |
| Hardware | Cisco | Sf300-24mp | - | All | All | All |
| Hardware | Cisco | Sf300-24mp | - | All | All | All |
| Operating System | Cisco | Sf300-24mp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf300-24mp Firmware | 1.3.7.18 | All | All | All |
| Hardware | Cisco | Sf300-24p | - | All | All | All |
| Hardware | Cisco | Sf300-24p | - | All | All | All |
| Hardware | Cisco | Sf300-24pp | - | All | All | All |
| Hardware | Cisco | Sf300-24pp | - | All | All | All |
| Operating System | Cisco | Sf300-24pp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf300-24pp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf300-24p Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf300-24p Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf300-24 Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf300-24 Firmware | 1.3.7.18 | All | All | All |
| Hardware | Cisco | Sf300-48 | - | All | All | All |
| Hardware | Cisco | Sf300-48 | - | All | All | All |
| Hardware | Cisco | Sf300-48p | - | All | All | All |
| Hardware | Cisco | Sf300-48p | - | All | All | All |
| Hardware | Cisco | Sf300-48pp | - | All | All | All |
| Hardware | Cisco | Sf300-48pp | - | All | All | All |
| Operating System | Cisco | Sf300-48pp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf300-48pp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf300-48p Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf300-48p Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf300-48 Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf300-48 Firmware | 1.3.7.18 | All | All | All |
| Hardware | Cisco | Sf302-08 | - | All | All | All |
| Hardware | Cisco | Sf302-08 | - | All | All | All |
| Hardware | Cisco | Sf302-08mp | - | All | All | All |
| Hardware | Cisco | Sf302-08mp | - | All | All | All |
| Hardware | Cisco | Sf302-08mpp | - | All | All | All |
| Hardware | Cisco | Sf302-08mpp | - | All | All | All |
| Operating System | Cisco | Sf302-08mpp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf302-08mpp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf302-08mp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf302-08mp Firmware | 1.3.7.18 | All | All | All |
| Hardware | Cisco | Sf302-08p | - | All | All | All |
| Hardware | Cisco | Sf302-08p | - | All | All | All |
| Hardware | Cisco | Sf302-08pp | - | All | All | All |
| Hardware | Cisco | Sf302-08pp | - | All | All | All |
| Operating System | Cisco | Sf302-08pp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf302-08pp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf302-08p Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf302-08p Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf302-08 Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sf302-08 Firmware | 1.3.7.18 | All | All | All |
| Hardware | Cisco | Sf500-24 | - | All | All | All |
| Hardware | Cisco | Sf500-24 | - | All | All | All |
| Hardware | Cisco | Sf500-24p | - | All | All | All |
| Hardware | Cisco | Sf500-24p | - | All | All | All |
| Operating System | Cisco | Sf500-24p Firmware | - | All | All | All |
| Operating System | Cisco | Sf500-24p Firmware | - | All | All | All |
| Operating System | Cisco | Sf500-24 Firmware | - | All | All | All |
| Operating System | Cisco | Sf500-24 Firmware | - | All | All | All |
| Hardware | Cisco | Sf500-48 | - | All | All | All |
| Hardware | Cisco | Sf500-48 | - | All | All | All |
| Hardware | Cisco | Sf500-48p | - | All | All | All |
| Hardware | Cisco | Sf500-48p | - | All | All | All |
| Operating System | Cisco | Sf500-48p Firmware | - | All | All | All |
| Operating System | Cisco | Sf500-48p Firmware | - | All | All | All |
| Operating System | Cisco | Sf500-48 Firmware | - | All | All | All |
| Operating System | Cisco | Sf500-48 Firmware | - | All | All | All |
| Hardware | Cisco | Sg200-08 | - | All | All | All |
| Hardware | Cisco | Sg200-08 | - | All | All | All |
| Hardware | Cisco | Sg200-08p | - | All | All | All |
| Hardware | Cisco | Sg200-08p | - | All | All | All |
| Operating System | Cisco | Sg200-08p Firmware | - | All | All | All |
| Operating System | Cisco | Sg200-08p Firmware | - | All | All | All |
| Operating System | Cisco | Sg200-08 Firmware | - | All | All | All |
| Operating System | Cisco | Sg200-08 Firmware | - | All | All | All |
| Hardware | Cisco | Sg200-10fp | - | All | All | All |
| Hardware | Cisco | Sg200-10fp | - | All | All | All |
| Operating System | Cisco | Sg200-10fp Firmware | - | All | All | All |
| Operating System | Cisco | Sg200-10fp Firmware | - | All | All | All |
| Hardware | Cisco | Sg200-18 | - | All | All | All |
| Hardware | Cisco | Sg200-18 | - | All | All | All |
| Operating System | Cisco | Sg200-18 Firmware | - | All | All | All |
| Operating System | Cisco | Sg200-18 Firmware | - | All | All | All |
| Hardware | Cisco | Sg200-26 | - | All | All | All |
| Hardware | Cisco | Sg200-26 | - | All | All | All |
| Hardware | Cisco | Sg200-26fp | - | All | All | All |
| Hardware | Cisco | Sg200-26fp | - | All | All | All |
| Operating System | Cisco | Sg200-26fp Firmware | - | All | All | All |
| Operating System | Cisco | Sg200-26fp Firmware | - | All | All | All |
| Hardware | Cisco | Sg200-26p | - | All | All | All |
| Hardware | Cisco | Sg200-26p | - | All | All | All |
| Operating System | Cisco | Sg200-26p Firmware | - | All | All | All |
| Operating System | Cisco | Sg200-26p Firmware | - | All | All | All |
| Operating System | Cisco | Sg200-26 Firmware | - | All | All | All |
| Operating System | Cisco | Sg200-26 Firmware | - | All | All | All |
| Hardware | Cisco | Sg200-50 | - | All | All | All |
| Hardware | Cisco | Sg200-50 | - | All | All | All |
| Hardware | Cisco | Sg200-50fp | - | All | All | All |
| Hardware | Cisco | Sg200-50fp | - | All | All | All |
| Operating System | Cisco | Sg200-50fp Firmware | - | All | All | All |
| Operating System | Cisco | Sg200-50fp Firmware | - | All | All | All |
| Hardware | Cisco | Sg200-50p | - | All | All | All |
| Hardware | Cisco | Sg200-50p | - | All | All | All |
| Operating System | Cisco | Sg200-50p Firmware | - | All | All | All |
| Operating System | Cisco | Sg200-50p Firmware | - | All | All | All |
| Operating System | Cisco | Sg200-50 Firmware | - | All | All | All |
| Operating System | Cisco | Sg200-50 Firmware | - | All | All | All |
| Hardware | Cisco | Sg300-10 | - | All | All | All |
| Hardware | Cisco | Sg300-10 | - | All | All | All |
| Hardware | Cisco | Sg300-10mp | - | All | All | All |
| Hardware | Cisco | Sg300-10mp | - | All | All | All |
| Hardware | Cisco | Sg300-10mpp | - | All | All | All |
| Hardware | Cisco | Sg300-10mpp | - | All | All | All |
| Operating System | Cisco | Sg300-10mpp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-10mpp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-10mp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-10mp Firmware | 1.3.7.18 | All | All | All |
| Hardware | Cisco | Sg300-10p | - | All | All | All |
| Hardware | Cisco | Sg300-10p | - | All | All | All |
| Hardware | Cisco | Sg300-10pp | - | All | All | All |
| Hardware | Cisco | Sg300-10pp | - | All | All | All |
| Operating System | Cisco | Sg300-10pp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-10pp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-10p Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-10p Firmware | 1.3.7.18 | All | All | All |
| Hardware | Cisco | Sg300-10sfp | - | All | All | All |
| Hardware | Cisco | Sg300-10sfp | - | All | All | All |
| Operating System | Cisco | Sg300-10sfp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-10sfp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-10 Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-10 Firmware | 1.3.7.18 | All | All | All |
| Hardware | Cisco | Sg300-20 | - | All | All | All |
| Hardware | Cisco | Sg300-20 | - | All | All | All |
| Operating System | Cisco | Sg300-20 Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-20 Firmware | 1.3.7.18 | All | All | All |
| Hardware | Cisco | Sg300-28 | - | All | All | All |
| Hardware | Cisco | Sg300-28 | - | All | All | All |
| Hardware | Cisco | Sg300-28mp | - | All | All | All |
| Hardware | Cisco | Sg300-28mp | - | All | All | All |
| Operating System | Cisco | Sg300-28mp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-28mp Firmware | 1.3.7.18 | All | All | All |
| Hardware | Cisco | Sg300-28p | - | All | All | All |
| Hardware | Cisco | Sg300-28p | - | All | All | All |
| Hardware | Cisco | Sg300-28pp | - | All | All | All |
| Hardware | Cisco | Sg300-28pp | - | All | All | All |
| Operating System | Cisco | Sg300-28pp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-28pp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-28p Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-28p Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-28 Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-28 Firmware | 1.3.7.18 | All | All | All |
| Hardware | Cisco | Sg300-52 | - | All | All | All |
| Hardware | Cisco | Sg300-52 | - | All | All | All |
| Hardware | Cisco | Sg300-52mp | - | All | All | All |
| Hardware | Cisco | Sg300-52mp | - | All | All | All |
| Operating System | Cisco | Sg300-52mp Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-52mp Firmware | 1.3.7.18 | All | All | All |
| Hardware | Cisco | Sg300-52p | - | All | All | All |
| Hardware | Cisco | Sg300-52p | - | All | All | All |
| Operating System | Cisco | Sg300-52p Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-52p Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-52 Firmware | 1.3.7.18 | All | All | All |
| Operating System | Cisco | Sg300-52 Firmware | 1.3.7.18 | All | All | All |
| Hardware | Cisco | Sg500-28 | - | All | All | All |
| Hardware | Cisco | Sg500-28 | - | All | All | All |
| Hardware | Cisco | Sg500-28mpp | - | All | All | All |
| Hardware | Cisco | Sg500-28mpp | - | All | All | All |
| Operating System | Cisco | Sg500-28mpp Firmware | - | All | All | All |
| Operating System | Cisco | Sg500-28mpp Firmware | - | All | All | All |
| Hardware | Cisco | Sg500-28p | - | All | All | All |
| Hardware | Cisco | Sg500-28p | - | All | All | All |
| Operating System | Cisco | Sg500-28p Firmware | - | All | All | All |
| Operating System | Cisco | Sg500-28p Firmware | - | All | All | All |
| Operating System | Cisco | Sg500-28 Firmware | - | All | All | All |
| Operating System | Cisco | Sg500-28 Firmware | - | All | All | All |
| Hardware | Cisco | Sg500-52 | - | All | All | All |
| Hardware | Cisco | Sg500-52 | - | All | All | All |
| Hardware | Cisco | Sg500-52mp | - | All | All | All |
| Hardware | Cisco | Sg500-52mp | - | All | All | All |
| Operating System | Cisco | Sg500-52mp Firmware | - | All | All | All |
| Operating System | Cisco | Sg500-52mp Firmware | - | All | All | All |
| Hardware | Cisco | Sg500-52p | - | All | All | All |
| Hardware | Cisco | Sg500-52p | - | All | All | All |
| Operating System | Cisco | Sg500-52p Firmware | - | All | All | All |
| Operating System | Cisco | Sg500-52p Firmware | - | All | All | All |
| Operating System | Cisco | Sg500-52 Firmware | - | All | All | All |
| Operating System | Cisco | Sg500-52 Firmware | - | All | All | All |
| Hardware | Cisco | Sg500x-24 | - | All | All | All |
| Hardware | Cisco | Sg500x-24 | - | All | All | All |
| Hardware | Cisco | Sg500x-24p | - | All | All | All |
| Hardware | Cisco | Sg500x-24p | - | All | All | All |
| Operating System | Cisco | Sg500x-24p Firmware | - | All | All | All |
| Operating System | Cisco | Sg500x-24p Firmware | - | All | All | All |
| Operating System | Cisco | Sg500x-24 Firmware | - | All | All | All |
| Operating System | Cisco | Sg500x-24 Firmware | - | All | All | All |
| Hardware | Cisco | Sg500x-48 | - | All | All | All |
| Hardware | Cisco | Sg500x-48 | - | All | All | All |
| Hardware | Cisco | Sg500x-48p | - | All | All | All |
| Hardware | Cisco | Sg500x-48p | - | All | All | All |
| Operating System | Cisco | Sg500x-48p Firmware | - | All | All | All |
| Operating System | Cisco | Sg500x-48p Firmware | - | All | All | All |
| Operating System | Cisco | Sg500x-48 Firmware | - | All | All | All |
| Operating System | Cisco | Sg500x-48 Firmware | - | All | All | All |
| Hardware | Cisco | Sg500xg-8f8t | - | All | All | All |
| Hardware | Cisco | Sg500xg-8f8t | - | All | All | All |
| Operating System | Cisco | Sg500xg-8f8t Firmware | - | All | All | All |
| Operating System | Cisco | Sg500xg-8f8t Firmware | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco Small Business Series Switches Open Redirect Vulnerability | CISCO | tools.cisco.com | Vendor Advisory |
| Cisco Small Business Series Switches CVE-2019-1943 Open Redirect Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.