{"vuid":"VU#174248","idnumber":"174248","name":"Cisco Content Services Switch (CSS) permits non-privileged user to enter debug mode","keywords":["Cisco","Conten Services Switch","CSS","CSCdt32570","Arrowpoint","WebNS"],"overview":"A vulnerability in Cisco Content Services Switches (Arrowpoint)  allows a valid user to gain administrative access.","clean_desc":"Cisco CSS switches run Cisco WebNS software. A user with a valid account on a CSS device can gain unauthorized administrative access to the device. See the Cisco advisory available at http://www.cisco.com/warp/public/707/arrowpoint-useraccnt-debug-pub.shtml for more information.","impact":"Local users can gain administrative access to the switch.","resolution":"Update to version 4.01B19s of Cisco WebNS software.","workarounds":"","sysaffected":"","thanks":"Our thanks to Cisco for the information provided in their advisory.","author":"This document was written by Shawn V. Hernan.","public":["http://www.cisco.com/warp/public/707/arrowpoint-useraccnt-debug-pub.shtml","http://www.securityfocus.com/bid/2559","http://www.ciac.org/ciac/bulletins/l-069.shtml","http://www.uniras.gov.uk/l1/l2/l3/brief2001/UNIRAS%20Briefing%20-%204601-%20Cisco%20Content%20Services%20Switch%20User%20Account%20Vulnerability.txt"],"cveids":["CVE-2001-0414"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-04-07T00:30:43Z","publicdate":"2001-04-04T00:00:00Z","datefirstpublished":"2001-04-28T04:05:40Z","dateupdated":"2001-04-28T04:07:00Z","revision":8,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"9","cam_impact":"20","cam_easeofexploitation":"20","cam_attackeraccessrequired":"10","cam_scorecurrent":"13.5","cam_scorecurrentwidelyknown":"16.875","cam_scorecurrentwidelyknownexploited":"30.375","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":13.5,"vulnote":null}