CVE-2021-34739

8.1 HIGH

Authentication Bypass

📋 TL;DR

This vulnerability allows unauthenticated remote attackers to replay intercepted session credentials to gain unauthorized administrative access to Cisco Small Business Series Switches web management interfaces. Attackers can exploit this via man-in-the-middle attacks to capture valid credentials and reuse them later. Organizations using affected Cisco Small Business switches with web management interfaces exposed are at risk.

💻 Affected Systems

Products:

• Cisco Small Business 250 Series Switches
• Cisco Small Business 350 Series Switches
• Cisco Small Business 350X Series Switches
• Cisco Small Business 550X Series Switches

Versions: Firmware versions prior to 2.5.9.16

Operating Systems: Switch firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects devices with web-based management interface enabled. SSH/CLI management is not affected.

📦 What is this software?

Cbs250 16p 2g Firmware by Cisco

View all CVEs affecting Cbs250 16p 2g Firmware →

Cbs250 16t 2g Firmware by Cisco

View all CVEs affecting Cbs250 16t 2g Firmware →

Cbs250 24fp 4g Firmware by Cisco

View all CVEs affecting Cbs250 24fp 4g Firmware →

Cbs250 24fp 4x Firmware by Cisco

View all CVEs affecting Cbs250 24fp 4x Firmware →

Cbs250 24p 4g Firmware by Cisco

View all CVEs affecting Cbs250 24p 4g Firmware →

Cbs250 24p 4x Firmware by Cisco

View all CVEs affecting Cbs250 24p 4x Firmware →

Cbs250 24pp 4g Firmware by Cisco

View all CVEs affecting Cbs250 24pp 4g Firmware →

Cbs250 24t 4g Firmware by Cisco

View all CVEs affecting Cbs250 24t 4g Firmware →

Cbs250 24t 4x Firmware by Cisco

View all CVEs affecting Cbs250 24t 4x Firmware →

Cbs250 48p 4g Firmware by Cisco

View all CVEs affecting Cbs250 48p 4g Firmware →

Cbs250 48p 4x Firmware by Cisco

View all CVEs affecting Cbs250 48p 4x Firmware →

Cbs250 48pp 4g Firmware by Cisco

View all CVEs affecting Cbs250 48pp 4g Firmware →

Cbs250 48t 4g Firmware by Cisco

View all CVEs affecting Cbs250 48t 4g Firmware →

Cbs250 48t 4x Firmware by Cisco

View all CVEs affecting Cbs250 48t 4x Firmware →

Cbs250 8fp E 2g Firmware by Cisco

View all CVEs affecting Cbs250 8fp E 2g Firmware →

Cbs250 8p E 2g Firmware by Cisco

View all CVEs affecting Cbs250 8p E 2g Firmware →

Cbs250 8pp D Firmware by Cisco

View all CVEs affecting Cbs250 8pp D Firmware →

Cbs250 8pp E 2g Firmware by Cisco

View all CVEs affecting Cbs250 8pp E 2g Firmware →

Cbs250 8t D Firmware by Cisco

View all CVEs affecting Cbs250 8t D Firmware →

Cbs250 8t E 2g Firmware by Cisco

View all CVEs affecting Cbs250 8t E 2g Firmware →

Cbs350 12np 4x Firmware by Cisco

View all CVEs affecting Cbs350 12np 4x Firmware →

Cbs350 12xs Firmware by Cisco

View all CVEs affecting Cbs350 12xs Firmware →

Cbs350 12xt Firmware by Cisco

View all CVEs affecting Cbs350 12xt Firmware →

Cbs350 16fp 2g Firmware by Cisco

View all CVEs affecting Cbs350 16fp 2g Firmware →

Cbs350 16p 2g Firmware by Cisco

View all CVEs affecting Cbs350 16p 2g Firmware →

Cbs350 16p E 2g Firmware by Cisco

View all CVEs affecting Cbs350 16p E 2g Firmware →

Cbs350 16t 2g Firmware by Cisco

View all CVEs affecting Cbs350 16t 2g Firmware →

Cbs350 16t E 2g Firmware by Cisco

View all CVEs affecting Cbs350 16t E 2g Firmware →

Cbs350 16xts Firmware by Cisco

View all CVEs affecting Cbs350 16xts Firmware →

Cbs350 24fp 4g Firmware by Cisco

View all CVEs affecting Cbs350 24fp 4g Firmware →

Cbs350 24fp 4x Firmware by Cisco

View all CVEs affecting Cbs350 24fp 4x Firmware →

Cbs350 24mgp 4x Firmware by Cisco

View all CVEs affecting Cbs350 24mgp 4x Firmware →

Cbs350 24ngp 4x Firmware by Cisco

View all CVEs affecting Cbs350 24ngp 4x Firmware →

Cbs350 24p 4g Firmware by Cisco

View all CVEs affecting Cbs350 24p 4g Firmware →

Cbs350 24p 4x Firmware by Cisco

View all CVEs affecting Cbs350 24p 4x Firmware →

Cbs350 24s 4g Firmware by Cisco

View all CVEs affecting Cbs350 24s 4g Firmware →

Cbs350 24t 4g Firmware by Cisco

View all CVEs affecting Cbs350 24t 4g Firmware →

Cbs350 24t 4x Firmware by Cisco

View all CVEs affecting Cbs350 24t 4x Firmware →

Cbs350 24xs Firmware by Cisco

View all CVEs affecting Cbs350 24xs Firmware →

Cbs350 24xt Firmware by Cisco

View all CVEs affecting Cbs350 24xt Firmware →

Cbs350 24xts Firmware by Cisco

View all CVEs affecting Cbs350 24xts Firmware →

Cbs350 48fp 4g Firmware by Cisco

View all CVEs affecting Cbs350 48fp 4g Firmware →

Cbs350 48fp 4x Firmware by Cisco

View all CVEs affecting Cbs350 48fp 4x Firmware →

Cbs350 48ngp 4x Firmware by Cisco

View all CVEs affecting Cbs350 48ngp 4x Firmware →

Cbs350 48p 4g Firmware by Cisco

View all CVEs affecting Cbs350 48p 4g Firmware →

Cbs350 48p 4x Firmware by Cisco

View all CVEs affecting Cbs350 48p 4x Firmware →

Cbs350 48t 4g Firmware by Cisco

View all CVEs affecting Cbs350 48t 4g Firmware →

Cbs350 48t 4x Firmware by Cisco

View all CVEs affecting Cbs350 48t 4x Firmware →

Cbs350 48xt 4x Firmware by Cisco

View all CVEs affecting Cbs350 48xt 4x Firmware →

Cbs350 8fp 2g Firmware by Cisco

View all CVEs affecting Cbs350 8fp 2g Firmware →

Cbs350 8fp E 2g Firmware by Cisco

View all CVEs affecting Cbs350 8fp E 2g Firmware →

Cbs350 8mgp 2x Firmware by Cisco

View all CVEs affecting Cbs350 8mgp 2x Firmware →

Cbs350 8mp 2x Firmware by Cisco

View all CVEs affecting Cbs350 8mp 2x Firmware →

Cbs350 8p 2g Firmware by Cisco

View all CVEs affecting Cbs350 8p 2g Firmware →

Cbs350 8p E 2g Firmware by Cisco

View all CVEs affecting Cbs350 8p E 2g Firmware →

Cbs350 8s E 2g Firmware by Cisco

View all CVEs affecting Cbs350 8s E 2g Firmware →

Cbs350 8t E 2g Firmware by Cisco

View all CVEs affecting Cbs350 8t E 2g Firmware →

Cbs350 8xt Firmware by Cisco

View all CVEs affecting Cbs350 8xt Firmware →

Esw2 350g 52 Firmware by Cisco

View all CVEs affecting Esw2 350g 52 Firmware →

Esw2 350g 52dc Firmware by Cisco

View all CVEs affecting Esw2 350g 52dc Firmware →

Esw2 550x 48 Firmware by Cisco

View all CVEs affecting Esw2 550x 48 Firmware →

Esw2 550x 48dc Firmware by Cisco

View all CVEs affecting Esw2 550x 48dc Firmware →

Sf200 24 Firmware by Cisco

View all CVEs affecting Sf200 24 Firmware →

Sf200 24fp Firmware by Cisco

View all CVEs affecting Sf200 24fp Firmware →

Sf200 24p Firmware by Cisco

View all CVEs affecting Sf200 24p Firmware →

Sf200 48 Firmware by Cisco

View all CVEs affecting Sf200 48 Firmware →

Sf200 48p Firmware by Cisco

View all CVEs affecting Sf200 48p Firmware →

Sf250 08 Firmware by Cisco

View all CVEs affecting Sf250 08 Firmware →

Sf250 08hp Firmware by Cisco

View all CVEs affecting Sf250 08hp Firmware →

Sf250 10p Firmware by Cisco

View all CVEs affecting Sf250 10p Firmware →

Sf250 18 Firmware by Cisco

View all CVEs affecting Sf250 18 Firmware →

Sf250 24 Firmware by Cisco

View all CVEs affecting Sf250 24 Firmware →

Sf250 24p Firmware by Cisco

View all CVEs affecting Sf250 24p Firmware →

Sf250 26 Firmware by Cisco

View all CVEs affecting Sf250 26 Firmware →

Sf250 26hp Firmware by Cisco

View all CVEs affecting Sf250 26hp Firmware →

Sf250 26p Firmware by Cisco

View all CVEs affecting Sf250 26p Firmware →

Sf250 48 Firmware by Cisco

View all CVEs affecting Sf250 48 Firmware →

Sf250 48hp Firmware by Cisco

View all CVEs affecting Sf250 48hp Firmware →

Sf250 50 Firmware by Cisco

View all CVEs affecting Sf250 50 Firmware →

Sf250 50hp Firmware by Cisco

View all CVEs affecting Sf250 50hp Firmware →

Sf250 50p Firmware by Cisco

View all CVEs affecting Sf250 50p Firmware →

Sf250x 24 Firmware by Cisco

View all CVEs affecting Sf250x 24 Firmware →

Sf250x 24p Firmware by Cisco

View all CVEs affecting Sf250x 24p Firmware →

Sf250x 48 Firmware by Cisco

View all CVEs affecting Sf250x 48 Firmware →

Sf250x 48p Firmware by Cisco

View all CVEs affecting Sf250x 48p Firmware →

Sf300 08 Firmware by Cisco

View all CVEs affecting Sf300 08 Firmware →

Sf300 24 Firmware by Cisco

View all CVEs affecting Sf300 24 Firmware →

Sf300 24mp Firmware by Cisco

View all CVEs affecting Sf300 24mp Firmware →

Sf300 24p Firmware by Cisco

View all CVEs affecting Sf300 24p Firmware →

Sf300 24pp Firmware by Cisco

View all CVEs affecting Sf300 24pp Firmware →

Sf300 48 Firmware by Cisco

View all CVEs affecting Sf300 48 Firmware →

Sf300 48p Firmware by Cisco

View all CVEs affecting Sf300 48p Firmware →

Sf300 48pp Firmware by Cisco

View all CVEs affecting Sf300 48pp Firmware →

Sf302 08 Firmware by Cisco

View all CVEs affecting Sf302 08 Firmware →

Sf302 08mp Firmware by Cisco

View all CVEs affecting Sf302 08mp Firmware →

Sf302 08mpp Firmware by Cisco

View all CVEs affecting Sf302 08mpp Firmware →

Sf302 08p Firmware by Cisco

View all CVEs affecting Sf302 08p Firmware →

Sf302 08pp Firmware by Cisco

View all CVEs affecting Sf302 08pp Firmware →

Sf350 08 Firmware by Cisco

View all CVEs affecting Sf350 08 Firmware →

Sf350 10 Firmware by Cisco

View all CVEs affecting Sf350 10 Firmware →

Sf350 10mp Firmware by Cisco

View all CVEs affecting Sf350 10mp Firmware →

Sf350 10p Firmware by Cisco

View all CVEs affecting Sf350 10p Firmware →

Sf350 10sfp Firmware by Cisco

View all CVEs affecting Sf350 10sfp Firmware →

Sf350 20 Firmware by Cisco

View all CVEs affecting Sf350 20 Firmware →

Sf350 24 Firmware by Cisco

View all CVEs affecting Sf350 24 Firmware →

Sf350 24mp Firmware by Cisco

View all CVEs affecting Sf350 24mp Firmware →

Sf350 24p Firmware by Cisco

View all CVEs affecting Sf350 24p Firmware →

Sf350 28 Firmware by Cisco

View all CVEs affecting Sf350 28 Firmware →

Sf350 28mp Firmware by Cisco

View all CVEs affecting Sf350 28mp Firmware →

Sf350 28p Firmware by Cisco

View all CVEs affecting Sf350 28p Firmware →

Sf350 28sfp Firmware by Cisco

View all CVEs affecting Sf350 28sfp Firmware →

Sf350 48 Firmware by Cisco

View all CVEs affecting Sf350 48 Firmware →

Sf350 48p Firmware by Cisco

View all CVEs affecting Sf350 48p Firmware →

Sf350 52 Firmware by Cisco

View all CVEs affecting Sf350 52 Firmware →

Sf350 52mp Firmware by Cisco

View all CVEs affecting Sf350 52mp Firmware →

Sf350 52p Firmware by Cisco

View all CVEs affecting Sf350 52p Firmware →

Sf350 8mp Firmware by Cisco

View all CVEs affecting Sf350 8mp Firmware →

Sf350 8pd Firmware by Cisco

View all CVEs affecting Sf350 8pd Firmware →

Sf352 08 Firmware by Cisco

View all CVEs affecting Sf352 08 Firmware →

Sf352 08mp Firmware by Cisco

View all CVEs affecting Sf352 08mp Firmware →

Sf352 08p Firmware by Cisco

View all CVEs affecting Sf352 08p Firmware →

Sf355 10p Firmware by Cisco

View all CVEs affecting Sf355 10p Firmware →

Sf500 24 Firmware by Cisco

View all CVEs affecting Sf500 24 Firmware →

Sf500 24mp Firmware by Cisco

View all CVEs affecting Sf500 24mp Firmware →

Sf500 24p Firmware by Cisco

View all CVEs affecting Sf500 24p Firmware →

Sf500 48 Firmware by Cisco

View all CVEs affecting Sf500 48 Firmware →

Sf500 48mp Firmware by Cisco

View all CVEs affecting Sf500 48mp Firmware →

Sf500 48p Firmware by Cisco

View all CVEs affecting Sf500 48p Firmware →

Sf550x 24 Firmware by Cisco

View all CVEs affecting Sf550x 24 Firmware →

Sf550x 24mp Firmware by Cisco

View all CVEs affecting Sf550x 24mp Firmware →

Sf550x 24p Firmware by Cisco

View all CVEs affecting Sf550x 24p Firmware →

Sf550x 48 Firmware by Cisco

View all CVEs affecting Sf550x 48 Firmware →

Sf550x 48mp Firmware by Cisco

View all CVEs affecting Sf550x 48mp Firmware →

Sf550x 48p Firmware by Cisco

View all CVEs affecting Sf550x 48p Firmware →

Sg200 08 Firmware by Cisco

View all CVEs affecting Sg200 08 Firmware →

Sg200 08p Firmware by Cisco

View all CVEs affecting Sg200 08p Firmware →

Sg200 10fp Firmware by Cisco

View all CVEs affecting Sg200 10fp Firmware →

Sg200 18 Firmware by Cisco

View all CVEs affecting Sg200 18 Firmware →

Sg200 26 Firmware by Cisco

View all CVEs affecting Sg200 26 Firmware →

Sg200 26fp Firmware by Cisco

View all CVEs affecting Sg200 26fp Firmware →

Sg200 26p Firmware by Cisco

View all CVEs affecting Sg200 26p Firmware →

Sg200 50 Firmware by Cisco

View all CVEs affecting Sg200 50 Firmware →

Sg200 50fp Firmware by Cisco

View all CVEs affecting Sg200 50fp Firmware →

Sg200 50p Firmware by Cisco

View all CVEs affecting Sg200 50p Firmware →

Sg300 10 Firmware by Cisco

View all CVEs affecting Sg300 10 Firmware →

Sg300 10mp Firmware by Cisco

View all CVEs affecting Sg300 10mp Firmware →

Sg300 10mpp Firmware by Cisco

View all CVEs affecting Sg300 10mpp Firmware →

Sg300 10p Firmware by Cisco

View all CVEs affecting Sg300 10p Firmware →

Sg300 10pp Firmware by Cisco

View all CVEs affecting Sg300 10pp Firmware →

Sg300 10sfp Firmware by Cisco

View all CVEs affecting Sg300 10sfp Firmware →

Sg300 20 Firmware by Cisco

View all CVEs affecting Sg300 20 Firmware →

Sg300 28 Firmware by Cisco

View all CVEs affecting Sg300 28 Firmware →

Sg300 28mp Firmware by Cisco

View all CVEs affecting Sg300 28mp Firmware →

Sg300 28p Firmware by Cisco

View all CVEs affecting Sg300 28p Firmware →

Sg300 28pp Firmware by Cisco

View all CVEs affecting Sg300 28pp Firmware →

Sg300 28sfp Firmware by Cisco

View all CVEs affecting Sg300 28sfp Firmware →

Sg300 52 Firmware by Cisco

View all CVEs affecting Sg300 52 Firmware →

Sg300 52mp Firmware by Cisco

View all CVEs affecting Sg300 52mp Firmware →

Sg300 52p Firmware by Cisco

View all CVEs affecting Sg300 52p Firmware →

Sg350x 12pmv Firmware by Cisco

View all CVEs affecting Sg350x 12pmv Firmware →

Sg350x 24 Firmware by Cisco

View all CVEs affecting Sg350x 24 Firmware →

Sg350x 24mp Firmware by Cisco

View all CVEs affecting Sg350x 24mp Firmware →

Sg350x 24p Firmware by Cisco

View all CVEs affecting Sg350x 24p Firmware →

Sg350x 24pd Firmware by Cisco

View all CVEs affecting Sg350x 24pd Firmware →

Sg350x 24pv Firmware by Cisco

View all CVEs affecting Sg350x 24pv Firmware →

Sg350x 48 Firmware by Cisco

View all CVEs affecting Sg350x 48 Firmware →

Sg350x 48mp Firmware by Cisco

View all CVEs affecting Sg350x 48mp Firmware →

Sg350x 48p Firmware by Cisco

View all CVEs affecting Sg350x 48p Firmware →

Sg350x 48pv Firmware by Cisco

View all CVEs affecting Sg350x 48pv Firmware →

Sg350x 8pmd Firmware by Cisco

View all CVEs affecting Sg350x 8pmd Firmware →

Sg350xg 24f Firmware by Cisco

View all CVEs affecting Sg350xg 24f Firmware →

Sg350xg 24t Firmware by Cisco

View all CVEs affecting Sg350xg 24t Firmware →

Sg350xg 2f10 Firmware by Cisco

View all CVEs affecting Sg350xg 2f10 Firmware →

Sg350xg 48t Firmware by Cisco

View all CVEs affecting Sg350xg 48t Firmware →

Sg500 28 Firmware by Cisco

View all CVEs affecting Sg500 28 Firmware →

Sg500 28mpp Firmware by Cisco

View all CVEs affecting Sg500 28mpp Firmware →

Sg500 28p Firmware by Cisco

View all CVEs affecting Sg500 28p Firmware →

Sg500 52 Firmware by Cisco

View all CVEs affecting Sg500 52 Firmware →

Sg500 52mp Firmware by Cisco

View all CVEs affecting Sg500 52mp Firmware →

Sg500 52p Firmware by Cisco

View all CVEs affecting Sg500 52p Firmware →

Sg500x 24 Firmware by Cisco

View all CVEs affecting Sg500x 24 Firmware →

Sg500x 24mpp Firmware by Cisco

View all CVEs affecting Sg500x 24mpp Firmware →

Sg500x 24p Firmware by Cisco

View all CVEs affecting Sg500x 24p Firmware →

Sg500x 48 Firmware by Cisco

View all CVEs affecting Sg500x 48 Firmware →

Sg500x 48mp Firmware by Cisco

View all CVEs affecting Sg500x 48mp Firmware →

Sg500x 48p Firmware by Cisco

View all CVEs affecting Sg500x 48p Firmware →

Sg500xg 8f8t Firmware by Cisco

View all CVEs affecting Sg500xg 8f8t Firmware →

Sg550x 24 Firmware by Cisco

View all CVEs affecting Sg550x 24 Firmware →

Sg550x 24mp Firmware by Cisco

View all CVEs affecting Sg550x 24mp Firmware →

Sg550x 24mpp Firmware by Cisco

View all CVEs affecting Sg550x 24mpp Firmware →

Sg550x 24p Firmware by Cisco

View all CVEs affecting Sg550x 24p Firmware →

Sg550x 48 Firmware by Cisco

View all CVEs affecting Sg550x 48 Firmware →

Sg550x 48mp Firmware by Cisco

View all CVEs affecting Sg550x 48mp Firmware →

Sg550x 48p Firmware by Cisco

View all CVEs affecting Sg550x 48p Firmware →

Sg550xg 24f Firmware by Cisco

View all CVEs affecting Sg550xg 24f Firmware →

Sg550xg 24t Firmware by Cisco

View all CVEs affecting Sg550xg 24t Firmware →

Sg550xg 48t Firmware by Cisco

View all CVEs affecting Sg550xg 48t Firmware →

Sg550xg 8f8t Firmware by Cisco

View all CVEs affecting Sg550xg 8f8t Firmware →

Sx350x 08 Firmware by Cisco

View all CVEs affecting Sx350x 08 Firmware →

Sx350x 12 Firmware by Cisco

View all CVEs affecting Sx350x 12 Firmware →

Sx350x 24 Firmware by Cisco

View all CVEs affecting Sx350x 24 Firmware →

Sx350x 24f Firmware by Cisco

View all CVEs affecting Sx350x 24f Firmware →

Sx350x 52 Firmware by Cisco

View all CVEs affecting Sx350x 52 Firmware →

Sx550x 12f Firmware by Cisco

View all CVEs affecting Sx550x 12f Firmware →

Sx550x 16ft Firmware by Cisco

View all CVEs affecting Sx550x 16ft Firmware →

Sx550x 24 Firmware by Cisco

View all CVEs affecting Sx550x 24 Firmware →

Sx550x 24f Firmware by Cisco

View all CVEs affecting Sx550x 24f Firmware →

Sx550x 24ft Firmware by Cisco

View all CVEs affecting Sx550x 24ft Firmware →

Sx550x 52 Firmware by Cisco

View all CVEs affecting Sx550x 52 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of network switch with administrative privileges, enabling network traffic interception, configuration changes, VLAN manipulation, and potential lateral movement to other systems.

🟠

Likely Case

Unauthorized administrative access to switch management interface leading to network disruption, configuration changes, and potential credential harvesting from other systems.

🟢

If Mitigated

Limited impact if switches are patched, web management interfaces are not internet-facing, and proper network segmentation is implemented.

🌐 Internet-Facing: HIGH - Web management interfaces exposed to internet are directly vulnerable to unauthenticated attacks.

🏢 Internal Only: MEDIUM - Requires attacker to have internal network access or compromise internal systems first.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Requires man-in-the-middle position to intercept credentials, but replay attack itself is straightforward once credentials are captured.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware version 2.5.9.16 or later

Vendor Advisory: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-switches-tokens-UzwpR4e5

Restart Required: Yes

Instructions:

1. Download firmware version 2.5.9.16 or later from Cisco website. 2. Backup current configuration. 3. Upload new firmware via web interface or TFTP. 4. Reboot switch. 5. Verify firmware version after reboot.

🔧 Temporary Workarounds

Disable web management interface

all

Disable HTTP/HTTPS web interface and use SSH/CLI for management instead

Copy

no ip http server
no ip http secure-server

Restrict web interface access

all

Limit web interface access to specific management networks using ACLs

Copy

ip http access-class MANAGEMENT-ACL
ip http secure-server access-class MANAGEMENT-ACL

🧯 If You Can't Patch

• Disable web-based management interface and use SSH/CLI exclusively
• Implement strict network segmentation to isolate switch management interfaces from untrusted networks

🔍 How to Verify

Check if Vulnerable:

Copy

Check firmware version via web interface or CLI command: show version

Check Version:

Copy

show version

Verify Fix Applied:

Copy

Verify firmware version is 2.5.9.16 or later using: show version

📡 Detection & Monitoring

Log Indicators:

• Multiple successful admin logins from same IP with same session token
• Admin logins from unusual IP addresses
• Session token reuse across different IPs

Network Indicators:

• HTTP/HTTPS traffic to switch management interface from unexpected sources
• Man-in-the-middle activity on switch management network

SIEM Query:

Copy

source="switch_logs" AND (event_type="admin_login" AND ip_count>1) OR (event_type="session_token_reuse")

📊 Metadata

CVE ID: CVE-2021-34739

CVSS v3 Score: 8.1 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-613

Published: November 4, 2021

Last Updated: November 21, 2024

🔗 References

• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-switches-tokens-UzwpR4e5 Vendor Advisory
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-switches-tokens-UzwpR4e5 Vendor Advisory

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-34739, you might also want to check these:

CVE-2024-8888 10.0

An attacker on the same network as a vulnerable CIRCUTOR Q-SMT device can steal authentication token...

Same vulnerability type (CWE-613)

CVE-2023-5865 9.8

This vulnerability in phpMyFAQ allows attackers to maintain access to user sessions beyond intended ...

Same vulnerability type (CWE-613)

CVE-2024-25718 9.8

This vulnerability in the Samly package for Elixir allows expired authentication sessions to remain ...

Same vulnerability type (CWE-613)