Details of VAR-200308-0211

ID

VAR-200308-0211

TITLE

Cisco Content Services Switch ONDM Ping Failed Remote Denial of Service Attack Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2003-2450

DESCRIPTION

The Cisco 11000 CSS is a content services switch. Using a large number of TCP SYN packets directly sent to the CSS switch's circuit address can cause CSS internal message communication to be interrupted, resulting in a denial of service due to excessive CPU utilization. In the CS800 chassis, the system control module (SCM) sends an ONDM (online diagnostics monitor) message to each SFP card. In order to check whether the interface is active, if the SCM does not get a response within 30 seconds, the SCM will not re-create any CORE information. Start the CS800. By sending a large number of SYN packets to the circuit IP interface of the CSS switch, the communication is sent to the SCM through the internal MADLAN Ethernet interface. If the internal interface is overloaded, the ONDM ping request and response are discarded, and there is no internal communication. Denial of service. It has been reported that under certain circumstances, it may be possible for remote attackers to force the System Controller Module (SCM) on Cisco Content Service Switches to reboot. A component on the device known as the Online Diagnostics Monitor (ONDM) periodically sends out ping packets to other components to verify functionality. It may be possible to prevent delivery of these ping packets, causing the router to believe the component is not functional and cause the SCM to reboot the device

Trust: 0.81

sources: CNVD: CNVD-2003-2450 // BID: 8358

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2003-2450

AFFECTED PRODUCTS

vendor:	cisco	model:	webns b4	scope:	eq	version:	6.10	Trust: 0.9
vendor:	cisco	model:	webns b4	scope:	eq	version:	5.0.2.03	Trust: 0.3

sources: CNVD: CNVD-2003-2450 // BID: 8358

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2003-2450
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2003-2450
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2003-2450

THREAT TYPE

network

Trust: 0.3

sources: BID: 8358

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.3

sources: BID: 8358

PATCH

title:

Cisco Content Services Switch ONDM Ping failed patch for remote denial of service attack vulnerability

url:

https://www.cnvd.org.cn/patchinfo/show/35408

Trust: 0.6

sources: CNVD: CNVD-2003-2450

EXTERNAL IDS

db:	BID	id:	8358	Trust: 0.9
db:	CNVD	id:	CNVD-2003-2450	Trust: 0.6

sources: CNVD: CNVD-2003-2450 // BID: 8358

REFERENCES

url:	http://www.securityfocus.com/bid/8358	Trust: 0.6
url:	http://www.cisco.com/en/us/products/hw/contnetw/ps789/prod_release_note09186a008014ee04.html	Trust: 0.3
url:	/archive/1/332284	Trust: 0.3
url:	/archive/1/332470	Trust: 0.3
url:	/archive/1/336580	Trust: 0.3

sources: CNVD: CNVD-2003-2450 // BID: 8358

CREDITS

Discovery credited to Eduardo Cruz <ecruz@s21sec.com>, Emilin Garcia <egarcia@s21sec.com>, and Jordi Andre <jandre@s21sec.com>.

Trust: 0.3

sources: BID: 8358

SOURCES

db:	CNVD	id:	CNVD-2003-2450
db:	BID	id:	8358

LAST UPDATE DATE

2022-05-17T01:50:38.836000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2003-2450	date:	2003-08-07T00:00:00
db:	BID	id:	8358	date:	2003-08-07T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2003-2450	date:	2003-08-07T00:00:00
db:	BID	id:	8358	date:	2003-08-07T00:00:00