Cisco Security Advisory Cisco Small Business Switches Privileged Access Vulnerability Critical Advisory ID: cisco-sa-20181107-sbsw-privacc First Published: 2018 November 7 16:00 GMT Version 1.2: Interim Workarounds: Yes Cisco Bug IDs: CSCvk20713 CSCvm11846 CVE-2018-15439 CWE-798 CVSS Score: Base 9.8 Click Icon to Copy Verbose Score: 3.0/AV:N/AC:L/PR:N:N/./. The vulnerability exists because the affected software enables a privileged user account without notifying administrators of the system. An attacker can use this account to log in to an affected device and execute commands with full admin rights.”]
Source: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-sbsw-privacc