Lucene search
K
CiscoOptical Networking Systems Software

20 matches found

CVE
CVE
added 2003/07/25 4:0 a.m.231 views

CVE-2003-0567

Cisco IOS 11.x and 12.0–12.2 are affected by CVE-2003-0567. By sending a specific sequence of IPv4 packets to a router’s interface, an attacker can cause the input queue to become full and trigger a denial of service, potentially stopping traffic processing on that interface and affecting related...

7.8CVSS6.5AI score0.16576EPSS
CVE
CVE
added 2006/04/07 10:0 a.m.59 views

CVE-2006-1671

CVE-2006-1671 affects Cisco Optical Networking System (ONS) 15000 series nodes prior to 20060405. The issue allows remote denial of service (card reset) via (1) a crafted IP packet to a device with secure mode EMS-to-network-element access, (2) a crafted IP packet to a device with IP on the LAN i...

5CVSS6.7AI score0.02384EPSS
CVE
CVE
added 2004/07/21 4:0 a.m.56 views

CVE-2004-0714

Cisco IOS SNMP processing in releases 12.0S, 12.1E, 12.2, 12.2S, 12.3, 12.3B, and 12.3T contains a vulnerability in handling SNMP requests that, when exploited remotely, could cause the device to reload and potentially memory corruption. The issue is triggered by solicited SNMP operations on UDP ...

5CVSS6.7AI score0.02552EPSS
CVE
CVE
added 2005/02/13 5:0 a.m.52 views

CVE-2004-1432

CVE-2004-1432 applies to Cisco ONS platforms: ONS 15327, ONS 15454, and ONS 15454 SDH across multiple releases (e.g., 4.6(0)/4.6(1), 4.5.x, 4.1(0)–4.1(3), 4.0(0)–4.0(2) and earlier). The issue allows remote attackers to cause a denial of service (control card reset) by sending malformed IP or ICM...

5CVSS6.8AI score0.04087EPSS
CVE
CVE
added 2006/04/07 10:0 a.m.52 views

CVE-2006-1672

The CVE-2006-1672 entry affects Cisco Optical Networking System (ONS) 15000 series nodes via Cisco Transport Controller (CTC). A Java policy file entry is installed that grants java.security.AllPermission to any http URL containing "fs/LAUNCHER.jar", enabling remote attackers to execute arbitrary...

7.5CVSS7.7AI score0.04021EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.51 views

CVE-2002-0952

Affected product/versions: Cisco ONS15454 optical transport platform running ONS 3.1.0–3.2.0. Vulnerability: Remote attackers can cause a denial of service (reset) by sending IP packets with non‑zero TOS bits to the Timing Control Card (TCC) LAN interface. Root cause (as stated): Improper handlin...

5CVSS6.7AI score0.01657EPSS
CVE
CVE
added 2003/03/18 5:0 a.m.51 views

CVE-2002-1556

Cisco ONS15454 and ONS15327 devices running ONS prior to version 3.4 are vulnerable to a denial-of-service (reset) via an HTTP request to the TCC, TCC+ or XTC that includes an invalid CORBA Interoperable Object Reference (IOR). The affected hardware/software are Cisco ONS platforms mentioned in C...

5CVSS6.6AI score0.01388EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.49 views

CVE-2004-0307

CVE-2004-0307 affects Cisco ONS platforms (ONS 15327 before 4.1(3); ONS 15454 before 4.6(1); ONS 15454 SD before 4.1(3)). The vulnerability allows remote attackers to trigger a denial-of-service (reset) by manipulating the TCP three-way handshake: not sending the ACK and replying with an invalid ...

5CVSS6.9AI score0.01634EPSS
CVE
CVE
added 2003/03/18 5:0 a.m.48 views

CVE-2002-1554

CVE-2002-1554 affects Cisco ONS15454 and ONS15327 running ONS before 3.4. The issue is that usernames and passwords are stored in cleartext in the image database for the TCC, TCC+ or XTC, which could allow an attacker to gain privileges by extracting passwords from the image database or a backup....

4.6CVSS6.8AI score0.00357EPSS
CVE
CVE
added 2005/02/13 5:0 a.m.48 views

CVE-2004-1433

The CVE-2004-1433 entry concerns multiple Cisco ONS platforms (ONS 15327, ONS 15454, ONS 15454 SDH across versions 4.6(0-1), 4.5.x, 4.1(0-3), 4.0(0-2), older, and ONS 15600 1.x). The issue allows remote attackers to cause a denial of service (control card reset) by sending malformed (1) TCP and (...

5CVSS6.7AI score0.04087EPSS
CVE
CVE
added 2003/03/18 5:0 a.m.47 views

CVE-2002-1555

Cisco ONS CVE-2002-1555 affects Cisco ONS15454 and ONS15327 running ONS before 3.4, where a default, unchangeable SNMP public community string allows remote attackers to obtain sensitive information. The provided documents do not include a remediation or patch details; upgrade/mitigation specific...

5CVSS6.5AI score0.01643EPSS
CVE
CVE
added 2004/03/18 5:0 a.m.47 views

CVE-2004-0308

Cisco ONS platform vulnerability CVE-2004-0308 affects ONS 15327 pre-4.1(3), ONS 15454 pre-4.6(1), ONS 15454 SD pre-4.1(3), and ONS15600 pre-1.3(0). A superuser account that is locked out, disabled, or suspended can gain unauthorized access via Telnet to the VxWorks shell. No remediation details ...

10CVSS6.9AI score0.01748EPSS
CVE
CVE
added 2005/02/13 5:0 a.m.47 views

CVE-2004-1435

CVE-2004-1435 affects Cisco ONS platforms (ONS 15327, ONS 15454, and ONS 15454 SDH) across multiple firmware versions (e.g., 4.6(0)/4.6(1), 4.5.x, 4.1.x, 4.0.x and earlier). The issue enables remote attackers to trigger a denial-of-service (control card reset) by opening a large number of TCP con...

5CVSS6.6AI score0.03165EPSS
CVE
CVE
added 2003/03/18 5:0 a.m.45 views

CVE-2002-1553

The CVE-2002-1553 entry affects Cisco ONS15454 and ONS15327 running ONS prior to 3.4. The vulnerability lets a remote attacker modify system configuration and delete files by connecting via FTP to the TCC, TCC+ or XTC using a non-existent username/password. Connected sources corroborate the issue...

7.5CVSS6.9AI score0.01612EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.45 views

CVE-2004-0306

CVE-2004-0306 affects several Cisco ONS platforms (ONS 15327 prior to 4.1(3); ONS 15454 prior to 4.6(1); ONS 15454 SD prior to 4.1(3); Cisco ONS 15600 prior to 1.3(0)) where TFTP is enabled on UDP port 69 by default. This allows remote attackers to GET or PUT ONS system files on the current activ...

5CVSS6.9AI score0.02117EPSS
CVE
CVE
added 2003/03/18 5:0 a.m.44 views

CVE-2002-1558

Cisco ONS15454 and ONS15327 running ONS before 3.4 expose a non-modifiable VxWorks system account within the TCC, TCC+ and XTC, enabling remote privilege escalation by Telnet. Affected product families: Cisco ONS. Root cause: account cannot be changed or disabled, allowing non-authenticated or lo...

10CVSS7AI score0.02792EPSS
CVE
CVE
added 2005/02/13 5:0 a.m.44 views

CVE-2004-1436

The CVE-2004-1436 issue affects Cisco ONS TL1 login interfaces on Cisco ONS 15327 (4.6(0)/4.6(1)) and 15454/15454 SDH (4.6(0)/4.6(1)). It allows remote authenticated access by logging in with a password longer than 10 characters when the account password is blank, enabling unauthorized access. Th...

7.5CVSS7AI score0.03142EPSS
CVE
CVE
added 2006/04/07 10:0 a.m.44 views

CVE-2006-1670

CVE-2006-1670 affects Cisco Optical Networking System (ONS) 15000 series nodes prior to 20060405. The issue allows remote attackers to cause a denial of service via memory exhaustion (potential card reset) by sending an invalid response when the final ACK is expected, per bug ID CSCei45910. Conne...

7.8CVSS6.8AI score0.02244EPSS
CVE
CVE
added 2005/02/13 5:0 a.m.43 views

CVE-2004-1434

CVE-2004-1434 affects Cisco ONS platforms: 15327, 15454, and 15454 SDH, across multiple software lines (4.1(0)–4.1(2), 4.5(x), 4.0(0)–4.0(2) and earlier). The issue allows remote attackers to cause a denial of service via malformed SNMP packets, triggering a control card reset. No exploitation de...

5CVSS6.7AI score0.03275EPSS
CVE
CVE
added 2003/03/18 5:0 a.m.42 views

CVE-2002-1557

CVE-2002-1557 affects Cisco ONS platforms: ONS15454 and ONS15327 running ONS before 3.4. The vulnerability is triggered by a malformed HTTP request that does not start with a leading ‘/’, allowing an attacker to cause a denial of service by resetting to TCC, TCC+, TCCi or XTC. The provided docume...

5CVSS6.6AI score0.01388EPSS