PT-2021-5709 · Cisco · Cisco Business 220 Series Smart Switches
Jasper Lievisse Adriaanse
·
Published
2021-10-06
·
Updated
2022-10-24
·
CVE-2021-34757
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco Business 220 Series Smart Switches (affected versions not specified)
Description
The issue is related to a lack of protection for service data in the firmware of Cisco Small Business 220 Series Smart Switches. An attacker with Administrator privileges could exploit this to access sensitive login credentials or reconfigure passwords on user accounts.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Information Disclosure
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Cisco Business 220 Series Smart Switches