Vulnerability Note VU#174248
Cisco Content Services Switch (CSS) permits non-privileged user to enter debug mode
A vulnerability in Cisco Content Services Switches (Arrowpoint) allows a valid user to gain administrative access.
Cisco CSS switches run Cisco WebNS software. A user with a valid account on a CSS device can gain unauthorized administrative access to the device. See the Cisco advisory available at http://www.cisco.com/warp/public/707/arrowpoint-useraccnt-debug-pub.shtml for more information.
Local users can gain administrative access to the switch.
Update to version 4.01B19s of Cisco WebNS software.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Cisco||Affected||-||27 Apr 2001|
CVSS Metrics (Learn More)
Our thanks to Cisco for the information provided in their advisory.
This document was written by Shawn V. Hernan.
- CVE IDs: Unknown
- Date Public: 04 Apr 2001
- Date First Published: 28 Apr 2001
- Date Last Updated: 28 Apr 2001
- Severity Metric: 13.50
- Document Revision: 7
If you have feedback, comments, or additional information about this vulnerability, please send us email.