Cisco Small Business Series Switches Vulnerability Audit

Find Vulnerable Cisco Small Business Series Switches in Your Network

Cisco has released software updates for their Small Business Series switches to address multiple vulnerabilities in the web-based user interface. The issue could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. There are no workarounds for these vulnerabilities, so you should make sure to update all of your switches as soon as possible. You can read more details in our Cisco Small Business Series Switches vulnerability blog.

The report below will help you find any Cisco switches in your network that still need to be patched. Make sure to install the update as soon as possible to protect your network. Simply run the report to get a complete overview of your environment.

These reports utilize Custom OID scanning to retrieve the firmware version. The OID in the example report below is only designed for the SG350 model. Other models might require you to set up custom OID scanning and adjust the report with the new OID.

 

Cisco Small Business Series Vulnerability Audit Lansweeper Classic Query

Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblAssets.Description,
Subquery1.Label As OIDLabel,
Subquery1.Data As Version,
Case
when 
(tblAssetCustom.Model Not Like '%Business 250%' or
tblAssetCustom.Model Not Like '%CBS350%' or
tblAssetCustom.Model Not Like '%CBS250%' or
tblAssetCustom.Model Not Like '%Business 350%') and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 4) As bigint) < 2 then 'Out of Date'
when 
(tblAssetCustom.Model Not Like '%Business 250%' or
tblAssetCustom.Model Not Like '%CBS350%' or
tblAssetCustom.Model Not Like '%CBS250%' or
tblAssetCustom.Model Not Like '%Business 350%') and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 4) As bigint) = 2 and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 3) As bigint) < 5
then 'Out of Date'
when
(tblAssetCustom.Model Not Like '%Business 250%' or
tblAssetCustom.Model Not Like '%CBS350%' or
tblAssetCustom.Model Not Like '%CBS250%' or
tblAssetCustom.Model Not Like '%Business 350%') and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 4) As bigint) = 2 and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 3) As bigint) = 5 and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 2) As bigint) < 9
then 'Out of Date'
when
(tblAssetCustom.Model Not Like '%Business 250%' or
tblAssetCustom.Model Not Like '%CBS350%' or
tblAssetCustom.Model Not Like '%CBS250%' or
tblAssetCustom.Model Not Like '%Business 350%') and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 4) As bigint) = 2 and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 3) As bigint) = 5 and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 2) As bigint) = 9 and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 1) As bigint) < 16
then 'Out of Date'
‚Äč
when 
(tblAssetCustom.Model Like '%Business 250%' or
tblAssetCustom.Model Like '%CBS350%' or
tblAssetCustom.Model Like '%CBS250%' or
tblAssetCustom.Model Like '%Business 350%') and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 4) As bigint) < 3 then 'Out of Date'
when 
(tblAssetCustom.Model Like '%Business 250%' or
tblAssetCustom.Model Like '%CBS350%' or
tblAssetCustom.Model Like '%CBS250%' or
tblAssetCustom.Model Like '%Business 350%') and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 4) As bigint) = 3 and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 3) As bigint) < 3
then 'Out of Date'
when
(tblAssetCustom.Model Like '%Business 250%' or
tblAssetCustom.Model Like '%CBS350%' or
tblAssetCustom.Model Like '%CBS250%' or
tblAssetCustom.Model Like '%Business 350%') and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 4) As bigint) = 3 and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 3) As bigint) = 3 and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 2) As bigint) < 0
then 'Out of Date'
when
(tblAssetCustom.Model Like '%Business 250%' or
tblAssetCustom.Model Like '%CBS350%' or
tblAssetCustom.Model Like '%CBS250%' or
tblAssetCustom.Model Like '%Business 350%') and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 4) As bigint) = 3 and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 3) As bigint) = 3 and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 2) As bigint) = 0 and
Cast(ParseName(cast(Subquery1.Data as nvarchar), 1) As bigint) < 16
then 'Out of Date'
When Subquery1.Data is NULL then 'No data found.'
else 'Up to Date'
end as [Status],
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Left Join (Select tblOIDData.AssetID,
tblOIDData.Label,
tblOIDData.Data
From tblOIDData
Where tblOIDData.[Key] = '1.3.6.1.4.1.9.6.1.101.2.4.0' And
tblOIDData.Data Not Like '%data%') As Subquery1 On Subquery1.AssetID =
tblAssets.AssetID
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where tblAssetCustom.Manufacturer Like '%cisco%' and
tblAssetCustom.Model Like '%SF250%' or
tblAssetCustom.Model Like '%SG250%' or
tblAssetCustom.Model Like '%SF350%' or
tblAssetCustom.Model Like '%SF352%' or
tblAssetCustom.Model Like '%SG350%' or
tblAssetCustom.Model Like '%SG355%' or
tblAssetCustom.Model Like '%SG350X%' or
tblAssetCustom.Model Like '%SX350X%' or
tblAssetCustom.Model Like '%SF550X%' or
tblAssetCustom.Model Like '%SG550X%' or
tblAssetCustom.Model Like '%SX550X%' or
tblAssetCustom.Model Like '%Business 250%' or
tblAssetCustom.Model Like '%CBS250%' or
tblAssetCustom.Model Like '%Business 350%' or
tblAssetCustom.Model Like '%CBS350%' or
tblAssetCustom.Model Like '%SF200%' or
tblAssetCustom.Model Like '%SG200%' or
tblAssetCustom.Model Like '%SF300%' or
tblAssetCustom.Model Like '%SF302%' or
tblAssetCustom.Model Like '%SG300%' or
tblAssetCustom.Model Like '%SF500%' or
tblAssetCustom.Model Like '%SG500%'
And tblState.Statename =
'Active'
Order By tblAssetCustom.Model,
tblAssets.IPAddress

Audit and Take Action in 3 Easy Steps

Download-Install-Lansweeper

1. Download & Install Lansweeper

Save-and-Run-the-Report

3. Run the Audit & Take Action

Download Lansweeper to Run this Audit