Vulnslist


Cisco Content Services Switch (11500) Unauthenticated Port Forwarding Vulnerability

Cisco-SA-20150318-CVE-2015-0667 · Medium · Published · Updated

A vulnerability in the Management Interface of the Cisco Content Services Switch (11500) could allow an unauthenticated, remote attacker to gain unauthorized access to other devices on the network. The vulnerability is due to improper handling of SSH packets. An attacker could exploit this vulnerability by sending crafted packets to the Management Interface on the Cisco Content Services Switch (CSS). Cisco has confirmed the vulnerability; however, software updates are not available. To exploit this vulnerability, an attacker may need to acquire additional information, such as the IP address of the Management Interface on a targeted device in order to send crafted packets to the device. Cisco indicates through the CVSS score that proof-of-concept exploit code exists; however, the code is not known to be publicly available.

Workarounds

Administrators are advised to contact the vendor regarding future updates and releases.

Administrators are advised to allow only trusted users to have network access.

Administrators can help protect affected systems from external attacks by using a solid firewall strategy.

Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.

Administrators are advised to monitor affected systems.

CVEs: CVE-2015-0667
Cisco Bug IDs: CSCut14855
CVSS Score: Base 5.0
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:U/RC:C
Product Names From Source
Cisco Content Services Switch (CSS)

Related Products

Product | CVE | Evidence
Cisco Content Services Switch (CSS) | CVE-2015-0667 | Cisco OpenVuln