Content Services Switch 11000
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-0356 | 0.10 | — | 0.83 | May 31, 2005 | Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later… | |||
| CVE-2006-4352 | 0.00 | — | 0.01 | Aug 25, 2006 | The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information. | |||
| CVE-2004-0352 | 0.00 | — | 0.03 | Nov 23, 2004 | Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002. | |||
| CVE-2003-1132 | 0.00 | — | 0.02 | Dec 31, 2003 | The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service… | |||
| CVE-2002-0870 | 0.00 | — | 0.01 | Sep 5, 2002 | The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through… | |||
| CVE-2002-0792 | 0.00 | — | 0.03 | Aug 12, 2002 | The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data. | |||
| CVE-2001-0622 | 0.00 | — | 0.02 | Aug 14, 2001 | The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface. | |||
| CVE-2001-0621 | 0.00 | — | 0.01 | Aug 14, 2001 | The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands. |
- CVE-2005-0356May 31, 2005risk 0.10cvss —epss 0.83
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later…
- CVE-2006-4352Aug 25, 2006risk 0.00cvss —epss 0.01
The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information.
- CVE-2004-0352Nov 23, 2004risk 0.00cvss —epss 0.03
Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002.
- CVE-2003-1132Dec 31, 2003risk 0.00cvss —epss 0.02
The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service…
- CVE-2002-0870Sep 5, 2002risk 0.00cvss —epss 0.01
The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through…
- CVE-2002-0792Aug 12, 2002risk 0.00cvss —epss 0.03
The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data.
- CVE-2001-0622Aug 14, 2001risk 0.00cvss —epss 0.02
The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface.
- CVE-2001-0621Aug 14, 2001risk 0.00cvss —epss 0.01
The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands.