Description
A vulnerability in the web-based management interface of multiple Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to replay valid user session credentials and gain unauthorized access to the web-based management interface of an affected device. This vulnerability is due to insufficient expiration of session credentials. An attacker could exploit this vulnerability by conducting a man-in-the-middle attack against an affected device to intercept valid session credentials and then replaying the intercepted credentials toward the same device at a later time. A successful exploit could allow the attacker to access the web-based management interface with administrator privileges.
Published: 2021-11-04
Score: 8.1 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2021-21389 A vulnerability in the web-based management interface of multiple Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to replay valid user session credentials and gain unauthorized access to the web-based management interface of an affected device. This vulnerability is due to insufficient expiration of session credentials. An attacker could exploit this vulnerability by conducting a man-in-the-middle attack against an affected device to intercept valid session credentials and then replaying the intercepted credentials toward the same device at a later time. A successful exploit could allow the attacker to access the web-based management interface with administrator privileges.
History

Sat, 12 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00506}

 epss

{'score': 0.00249}

Thu, 07 Nov 2024 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Subscriptions

Cisco Cbs250-16p-2g Cbs250-16p-2g Firmware Cbs250-16t-2g Cbs250-16t-2g Firmware Cbs250-24fp-4g Cbs250-24fp-4g Firmware Cbs250-24fp-4x Cbs250-24fp-4x Firmware Cbs250-24p-4g Cbs250-24p-4g Firmware Cbs250-24p-4x Cbs250-24p-4x Firmware Cbs250-24pp-4g Cbs250-24pp-4g Firmware Cbs250-24t-4g Cbs250-24t-4g Firmware Cbs250-24t-4x Cbs250-24t-4x Firmware Cbs250-48p-4g Cbs250-48p-4g Firmware Cbs250-48p-4x Cbs250-48p-4x Firmware Cbs250-48pp-4g Cbs250-48pp-4g Firmware Cbs250-48t-4g Cbs250-48t-4g Firmware Cbs250-48t-4x Cbs250-48t-4x Firmware Cbs250-8fp-e-2g Cbs250-8fp-e-2g Firmware Cbs250-8p-e-2g Cbs250-8p-e-2g Firmware Cbs250-8pp-d Cbs250-8pp-d Firmware Cbs250-8pp-e-2g Cbs250-8pp-e-2g Firmware Cbs250-8t-d Cbs250-8t-d Firmware Cbs250-8t-e-2g Cbs250-8t-e-2g Firmware Cbs350-12np-4x Cbs350-12np-4x Firmware Cbs350-12xs Cbs350-12xs Firmware Cbs350-12xt Cbs350-12xt Firmware Cbs350-16fp-2g Cbs350-16fp-2g Firmware Cbs350-16p-2g Cbs350-16p-2g Firmware Cbs350-16p-e-2g Cbs350-16p-e-2g Firmware Cbs350-16t-2g Cbs350-16t-2g Firmware Cbs350-16t-e-2g Cbs350-16t-e-2g Firmware Cbs350-16xts Cbs350-16xts Firmware Cbs350-24fp-4g Cbs350-24fp-4g Firmware Cbs350-24fp-4x Cbs350-24fp-4x Firmware Cbs350-24mgp-4x Cbs350-24mgp-4x Firmware Cbs350-24ngp-4x Cbs350-24ngp-4x Firmware Cbs350-24p-4g Cbs350-24p-4g Firmware Cbs350-24p-4x Cbs350-24p-4x Firmware Cbs350-24s-4g Cbs350-24s-4g Firmware Cbs350-24t-4g Cbs350-24t-4g Firmware Cbs350-24t-4x Cbs350-24t-4x Firmware Cbs350-24xs Cbs350-24xs Firmware Cbs350-24xt Cbs350-24xt Firmware Cbs350-24xts Cbs350-24xts Firmware Cbs350-48fp-4g Cbs350-48fp-4g Firmware Cbs350-48fp-4x Cbs350-48fp-4x Firmware Cbs350-48ngp-4x Cbs350-48ngp-4x Firmware Cbs350-48p-4g Cbs350-48p-4g Firmware Cbs350-48p-4x Cbs350-48p-4x Firmware Cbs350-48t-4g Cbs350-48t-4g Firmware Cbs350-48t-4x Cbs350-48t-4x Firmware Cbs350-48xt-4x Cbs350-48xt-4x Firmware Cbs350-8fp-2g Cbs350-8fp-2g Firmware Cbs350-8fp-e-2g Cbs350-8fp-e-2g Firmware Cbs350-8mgp-2x Cbs350-8mgp-2x Firmware Cbs350-8mp-2x Cbs350-8mp-2x Firmware Cbs350-8p-2g Cbs350-8p-2g Firmware Cbs350-8p-e-2g Cbs350-8p-e-2g Firmware Cbs350-8s-e-2g Cbs350-8s-e-2g Firmware Cbs350-8t-e-2g Cbs350-8t-e-2g Firmware Cbs350-8xt Cbs350-8xt Firmware Esw2-350g-52 Esw2-350g-52 Firmware Esw2-350g-52dc Esw2-350g-52dc Firmware Esw2-550x-48 Esw2-550x-48 Firmware Esw2-550x-48dc Esw2-550x-48dc Firmware Sf200-24 Sf200-24 Firmware Sf200-24fp Sf200-24fp Firmware Sf200-24p Sf200-24p Firmware Sf200-48 Sf200-48 Firmware Sf200-48p Sf200-48p Firmware Sf250-08 Sf250-08 Firmware Sf250-08hp Sf250-08hp Firmware Sf250-10p Sf250-10p Firmware Sf250-18 Sf250-18 Firmware Sf250-24 Sf250-24 Firmware Sf250-24p Sf250-24p Firmware Sf250-26 Sf250-26 Firmware Sf250-26hp Sf250-26hp Firmware Sf250-26p Sf250-26p Firmware Sf250-48 Sf250-48 Firmware Sf250-48hp Sf250-48hp Firmware Sf250-50 Sf250-50 Firmware Sf250-50hp Sf250-50hp Firmware Sf250-50p Sf250-50p Firmware Sf250x-24 Sf250x-24 Firmware Sf250x-24p Sf250x-24p Firmware Sf250x-48 Sf250x-48 Firmware Sf250x-48p Sf250x-48p Firmware Sf300-08 Sf300-08 Firmware Sf300-24 Sf300-24 Firmware Sf300-24mp Sf300-24mp Firmware Sf300-24p Sf300-24p Firmware Sf300-24pp Sf300-24pp Firmware Sf300-48 Sf300-48 Firmware Sf300-48p Sf300-48p Firmware Sf300-48pp Sf300-48pp Firmware Sf302-08 Sf302-08 Firmware Sf302-08mp Sf302-08mp Firmware Sf302-08mpp Sf302-08mpp Firmware Sf302-08p Sf302-08p Firmware Sf302-08pp Sf302-08pp Firmware Sf350-08 Sf350-08 Firmware Sf350-10 Sf350-10 Firmware Sf350-10mp Sf350-10mp Firmware Sf350-10p Sf350-10p Firmware Sf350-10sfp Sf350-10sfp Firmware Sf350-20 Sf350-20 Firmware Sf350-24 Sf350-24 Firmware Sf350-24mp Sf350-24mp Firmware Sf350-24p Sf350-24p Firmware Sf350-28 Sf350-28 Firmware Sf350-28mp Sf350-28mp Firmware Sf350-28p Sf350-28p Firmware Sf350-28sfp Sf350-28sfp Firmware Sf350-48 Sf350-48 Firmware Sf350-48p Sf350-48p Firmware Sf350-52 Sf350-52 Firmware Sf350-52mp Sf350-52mp Firmware Sf350-52p Sf350-52p Firmware Sf350-8mp Sf350-8mp Firmware Sf350-8pd Sf350-8pd Firmware Sf352-08 Sf352-08 Firmware Sf352-08mp Sf352-08mp Firmware Sf352-08p Sf352-08p Firmware Sf355-10p Sf355-10p Firmware Sf500-24 Sf500-24 Firmware Sf500-24mp Sf500-24mp Firmware Sf500-24p Sf500-24p Firmware Sf500-48 Sf500-48 Firmware Sf500-48mp Sf500-48mp Firmware Sf500-48p Sf500-48p Firmware Sf550x-24 Sf550x-24 Firmware Sf550x-24mp Sf550x-24mp Firmware Sf550x-24p Sf550x-24p Firmware Sf550x-48 Sf550x-48 Firmware Sf550x-48mp Sf550x-48mp Firmware Sf550x-48p Sf550x-48p Firmware Sg200-08 Sg200-08 Firmware Sg200-08p Sg200-08p Firmware Sg200-10fp Sg200-10fp Firmware Sg200-18 Sg200-18 Firmware Sg200-26 Sg200-26 Firmware Sg200-26fp Sg200-26fp Firmware Sg200-26p Sg200-26p Firmware Sg200-50 Sg200-50 Firmware Sg200-50fp Sg200-50fp Firmware Sg200-50p Sg200-50p Firmware Sg300-10 Sg300-10 Firmware Sg300-10mp Sg300-10mp Firmware Sg300-10mpp Sg300-10mpp Firmware Sg300-10p Sg300-10p Firmware Sg300-10pp Sg300-10pp Firmware Sg300-10sfp Sg300-10sfp Firmware Sg300-20 Sg300-20 Firmware Sg300-28 Sg300-28 Firmware Sg300-28mp Sg300-28mp Firmware Sg300-28p Sg300-28p Firmware Sg300-28pp Sg300-28pp Firmware Sg300-28sfp Sg300-28sfp Firmware Sg300-52 Sg300-52 Firmware Sg300-52mp Sg300-52mp Firmware Sg300-52p Sg300-52p Firmware Sg350x-12pmv Sg350x-12pmv Firmware Sg350x-24 Sg350x-24 Firmware Sg350x-24mp Sg350x-24mp Firmware Sg350x-24p Sg350x-24p Firmware Sg350x-24pd Sg350x-24pd Firmware Sg350x-24pv Sg350x-24pv Firmware Sg350x-48 Sg350x-48 Firmware Sg350x-48mp Sg350x-48mp Firmware Sg350x-48p Sg350x-48p Firmware Sg350x-48pv Sg350x-48pv Firmware Sg350x-8pmd Sg350x-8pmd Firmware Sg350xg-24f Sg350xg-24f Firmware Sg350xg-24t Sg350xg-24t Firmware Sg350xg-2f10 Sg350xg-2f10 Firmware Sg350xg-48t Sg350xg-48t Firmware Sg500-28 Sg500-28 Firmware Sg500-28mpp Sg500-28mpp Firmware Sg500-28p Sg500-28p Firmware Sg500-52 Sg500-52 Firmware Sg500-52mp Sg500-52mp Firmware Sg500-52p Sg500-52p Firmware Sg500x-24 Sg500x-24 Firmware Sg500x-24mpp Sg500x-24mpp Firmware Sg500x-24p Sg500x-24p Firmware Sg500x-48 Sg500x-48 Firmware Sg500x-48mp Sg500x-48mp Firmware Sg500x-48p Sg500x-48p Firmware Sg500xg-8f8t Sg500xg-8f8t Firmware Sg550x-24 Sg550x-24 Firmware Sg550x-24mp Sg550x-24mp Firmware Sg550x-24mpp Sg550x-24mpp Firmware Sg550x-24p Sg550x-24p Firmware Sg550x-48 Sg550x-48 Firmware Sg550x-48mp Sg550x-48mp Firmware Sg550x-48p Sg550x-48p Firmware Sg550xg-24f Sg550xg-24f Firmware Sg550xg-24t Sg550xg-24t Firmware Sg550xg-48t Sg550xg-48t Firmware Sg550xg-8f8t Sg550xg-8f8t Firmware Sx350x-08 Sx350x-08 Firmware Sx350x-12 Sx350x-12 Firmware Sx350x-24 Sx350x-24 Firmware Sx350x-24f Sx350x-24f Firmware Sx350x-52 Sx350x-52 Firmware Sx550x-12f Sx550x-12f Firmware Sx550x-16ft Sx550x-16ft Firmware Sx550x-24 Sx550x-24 Firmware Sx550x-24f Sx550x-24f Firmware Sx550x-24ft Sx550x-24ft Firmware Sx550x-52 Sx550x-52 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2024-11-07T21:43:18.199Z

Reserved: 2021-06-15T00:00:00.000Z

Link: CVE-2021-34739

cve-icon Vulnrichment

Updated: 2024-08-04T00:19:48.160Z

cve-icon NVD

Status : Modified

Published: 2021-11-04T16:15:08.577

Modified: 2024-11-21T06:11:05.400

Link: CVE-2021-34739

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses