{"vuid":"VU#686939","idnumber":"686939","name":"Cisco Content Service Switch performs soft reset when XML data is sent to web management interface","keywords":["Cisco Content Service Switch","CSS","11000 Series","web management interface","CSCdx41911","CSCdw26696","XML"],"overview":"The Cisco Content Service Switch contains a denial-of-service vulnerability that allows remote attackers to perform a soft reset on affected devices.","clean_desc":"The Cisco Content Service Switch (CSS) products include support for the session and application layers. This additional functionality allows a CSS device to make packet switching decisions based on packet contents (such as HTML tags) rather than relying solely upon packet header information. The CSS 11000 series switch contains a vulnerability that causes the device to perform a soft reset when XML data is sent to its web management interface.","impact":"This vulnerability allows remote attackers to reboot affected devices, creating a denial-of-service condition.","resolution":"Apply a patch from Cisco Cisco has prepared a patch to address this vulnerability. For more information on affected products and obtaining patches, please see http://www.cisco.com/warp/public/707/css-http-post-pub.shtml","workarounds":"Prevent access to the web management interface Cisco customers who are unable to patch affected devices can limit the exploitation of this vulnerability by preventing access to the web management interface. This can be accomplished via the use of a firewall or by disabling the web management interface from an alternate management interface.","sysaffected":"","thanks":"","author":"This document was written by Jeffrey P. Lanza based on information provided by Cisco Systems.","public":["http://www.cisco.com/warp/public/707/css-http-post-pub.shtml","http://www.securityfocus.com/bid/4748"],"cveids":["CVE-2002-0792"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2002-05-15T20:27:25Z","publicdate":"2002-05-15T00:00:00Z","datefirstpublished":"2002-05-22T19:24:38Z","dateupdated":"2002-05-30T14:37:35Z","revision":14,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"10","cam_internetinfrastructure":"5","cam_population":"15","cam_impact":"5","cam_easeofexploitation":"15","cam_attackeraccessrequired":"20","cam_scorecurrent":"12.65625","cam_scorecurrentwidelyknown":"14.765625","cam_scorecurrentwidelyknownexploited":"18.984375","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":12.65625,"vulnote":null}