Cisco has flagged and patched several high-severity security vulnerabilities in its Cisco Small Business 220 Series Smart Switches. They could allow remote attacks designed to steal information, drop malware and disrupt operations. The most severe issue is in the entry-level switches that act as the basic building blocks for small- and medium-sized business networks. The bug rates 7.5 on the 10-point CVSS vulnerability scale, and arises from weak session management for the web-based management interface of the switches.
Source: https://threatpost.com/cisco-smart-switches-security-holes/167031/