Cisco Small Business Switches CVE-2018-15439 Authentication Bypass Vulnerability

Bugtraq ID:	105873
Class:	Design Error
CVE:	CVE-2018-15439
Remote:	Yes
Local:	No
Published:	Nov 07 2018 12:00AM
Updated:	Nov 07 2018 12:00AM
Credit:	Cisco
Vulnerable:	Cisco Small Business 500 Series Stackable Managed Switch 0 Cisco Small Business 300 Series Managed Switches 0 Cisco Small Business 200 Series Smart Switches 0 Cisco 550X Series Stackable Managed Switches 0 Cisco 350X Series Stackable Managed Switches 0 Cisco 350 Series Managed Switches 0 Cisco 250 Series Smart Switches 0
Not Vulnerable:

Cisco Small Business Switches CVE-2018-15439 Authentication Bypass Vulnerability

Cisco Small Business Switches are prone to an authentication-bypass vulnerability.

An attacker can leverage this issue to bypass certain authentication mechanisms and execute arbitrary commands with full admin privileges; this may aid in launching further attacks.

This issue is being tracked by Cisco bugs CSCvk20713 and CSCvm11846.

Cisco Small Business Switches CVE-2018-15439 Authentication Bypass Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Cisco Small Business Switches CVE-2018-15439 Authentication Bypass Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]"

Cisco Small Business Switches CVE-2018-15439 Authentication Bypass Vulnerability

References:

• Cisco Homepage (Cisco )
  
• Cisco Small Business Switches Privileged Access Vulnerability (Cisco)