Cisco Small Business Switches SSH/SSL Packets Processing
Cisco Small Business Switches SSH/SSL Packets Processing Denial of Service Vulnerability
Release Date: 2013-03-07
Criticality level : Less critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch
Operating System :
Cisco Small Business Managed Switches 300 Series
Cisco Small Business Smart Switches 200 Series
Cisco Small Business Stackable Managed 500 Series
A vulnerability has been reported in Cisco Small Business Switches, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an unspecified error when processing SSH or SSL packets. This can be exploited to cause a SSL/TLS protocol layer to fail and render some service unusable by sending specially crafted SSH or SSL packets.
Please see the vendor's advisory for a list of affected versions.
Apply patches (please see the vendor's advisory for details).
Provided and/or discovered by:
The vendor credits Hisashi Kojima and Masahiro Nakada, Fujitsu Laboratories LTD.