CVE-2019-1892

Name of the Vulnerable Software and Affected Versions Cisco Small Business 200, 300, and 500 Series Managed Switches (affected versions not specified)

Description The issue is related to an improper validation of HTTPS packets in the SSL protocol implementation, which could allow a remote attacker to cause a denial of service condition by sending a malformed HTTPS packet to the management web interface of the affected device. This could result in an unexpected reload of the device.

Recommendations For Cisco Small Business 200, 300, and 500 Series Managed Switches, consider restricting access to the management web interface until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.