Strix
26.1K

CVE-2013-1154

UnknownEPSS 1.55%

Last modified

CVE-2013-1154 is a vulnerability of currently unknown severity. The Cisco Small Business 200 Series Smart Switch 1.2.7.76 and earlier, Small Business 300 Series Managed Switch 1.2.7.76 and earlier, and Small Business 500 Series Stackable Managed Switch 1.2.7.76 and earlier allow remote attackers to cause a denial of service (SSL/TLS layer outage) via malformed (1) SSH or (2) SSL packets, aka Bug ID CSCua30246.. EPSS estimates a 1.55% chance of exploitation in the next 30 days.

Description

The Cisco Small Business 200 Series Smart Switch 1.2.7.76 and earlier, Small Business 300 Series Managed Switch 1.2.7.76 and earlier, and Small Business 500 Series Stackable Managed Switch 1.2.7.76 and earlier allow remote attackers to cause a denial of service (SSL/TLS layer outage) via malformed (1) SSH or (2) SSL packets, aka Bug ID CSCua30246.

Metrics

EPSS Probability
1.55%

71.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
Cisco200 Series Smart Switchessf200-24
Cisco200 Series Smart Switchessf200-24p
Cisco200 Series Smart Switchessf200-48
Cisco200 Series Smart Switchessf200-48p
Cisco200 Series Smart Switchessg200-08
Cisco200 Series Smart Switchessg200-08p
Cisco200 Series Smart Switchessg200-18
Cisco200 Series Smart Switchessg200-26
Cisco200 Series Smart Switchessg200-26p
Cisco200 Series Smart Switchessg200-50
Cisco200 Series Smart Switchessg200-50p
Cisco300 Series Managed Switchessf300-08
Cisco300 Series Managed Switchessf300-24
Cisco300 Series Managed Switchessf300-24mp
Cisco300 Series Managed Switchessf300-24p
Cisco300 Series Managed Switchessf300-48
Cisco300 Series Managed Switchessf300-48p
Cisco300 Series Managed Switchessf302-08
Cisco300 Series Managed Switchessf302-08mp
Cisco300 Series Managed Switchessf302-08p
Cisco300 Series Managed Switchessg300-10
Cisco300 Series Managed Switchessg300-10mp
Cisco300 Series Managed Switchessg300-10p
Cisco300 Series Managed Switchessg300-10sfp
Cisco300 Series Managed Switchessg300-20
Cisco300 Series Managed Switchessg300-28
Cisco300 Series Managed Switchessg300-28mp
Cisco300 Series Managed Switchessg300-28p
Cisco300 Series Managed Switchessg300-52
Cisco300 Series Managed Switchessg300-52mp
Cisco300 Series Managed Switchessg300-52p
Cisco200 Series Smart Switches Software<= 1.2.7.76
Cisco500 Series Stackable Managed Switchessf500-24
Cisco500 Series Stackable Managed Switchessf500-24p
Cisco500 Series Stackable Managed Switchessf500-48
Cisco500 Series Stackable Managed Switchessf500-48p
Cisco500 Series Stackable Managed Switchessg500-28
Cisco500 Series Stackable Managed Switchessg500-28p
Cisco500 Series Stackable Managed Switchessg500-52
Cisco500 Series Stackable Managed Switchessg500-52p
Cisco500 Series Stackable Managed Switchessg500x-24
Cisco500 Series Stackable Managed Switchessg500x-24p
Cisco500 Series Stackable Managed Switchessg500x-48
Cisco500 Series Stackable Managed Switchessg500x-48p

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2013-1154?
The Cisco Small Business 200 Series Smart Switch 1.2.7.76 and earlier, Small Business 300 Series Managed Switch 1.2.7.76 and earlier, and Small Business 500 Series Stackable Managed Switch 1.2.7.76 and earlier allow remote attackers to cause a denial of service (SSL/TLS layer outage) via malformed (1) SSH or (2) SSL packets, aka Bug ID CSCua30246.
How severe is CVE-2013-1154?
Severity scoring for CVE-2013-1154 is pending analysis. The EPSS model estimates a 1.55% probability of exploitation in the next 30 days.
How do I fix CVE-2013-1154?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-1154?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST