VULHUB ™

Cisco Security Advisory - Cisco Application Velocity System's (AVS) default configuration allows transparent relay of TCP connections to any reachable destination TCP port if the receiving TCP service can process requests embedded in a HTTP POST method message. This issue does not require a software upgrade and can be mitigated by a configuration command for all affected customers. Vulnerable versions include AVS 3110 4.0, 5.0, and prior versions. Also affected is AVS 3120 5.0.0 and prior versions.

Cisco Security Advisory - Cisco Application Velocity System's (AVS) default configuration allows transparent relay of TCP connections to any reachable destination TCP port if the receiving TCP service can process requests embedded in a HTTP POST method message. This issue does not require a software upgrade and can be mitigated by a configuration command for all affected customers. Vulnerable versions include AVS 3110 4.0, 5.0, and prior versions. Also affected is AVS 3120 5.0.0 and prior versions.