Optical Networking Systems Software@3.1.0 Security Vulnerabilities and Issues — Optical Networking Systems Software@3.1.0 CVE List

Lucene search

CiscoOptical Networking Systems Software3.1.0

17 matches found

CVE•added 2003/08/18 4:0 a.m.•208 views

CVE-2003-0567

Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full.

7.8CVSS6.5AI score0.24634EPSS

CVE•added 2006/04/07 10:4 a.m.•41 views

CVE-2006-1672

The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which allows remote attackers to execu...

7.5CVSS7.7AI score0.03797EPSS

CVE•added 2005/02/13 5:0 a.m.•39 views

CVE-2004-1432

Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via malformed (1) IP or (2) ICMP packets.

5CVSS6.8AI score0.03307EPSS

CVE•added 2003/03/31 5:0 a.m.•38 views

CVE-2002-1554

Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup.

4.6CVSS6.8AI score0.00107EPSS

CVE•added 2003/03/31 5:0 a.m.•38 views

CVE-2002-1556

Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset) via an HTTP request to the TCC, TCC+ or XTC, in which the request contains an invalid CORBA Interoperable Object Reference (IOR).

5CVSS6.6AI score0.00486EPSS

CVE•added 2004/07/27 4:0 a.m.•38 views

CVE-2004-0714

Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly chosen UDP port), which allows remote attackers to cause a denial of service (device reload and memory corruption).

5CVSS6.7AI score0.0286EPSS

CVE•added 2006/04/07 10:4 a.m.•38 views

CVE-2006-1671

Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (card reset) via (1) a "crafted" IP packet to a device with secure mode EMS-to-network-element access, aka bug ID CSCsc51390; (2) a "crafted" IP packet to a...

5CVSS6.7AI score0.02512EPSS

CVE•added 2005/02/13 5:0 a.m.•37 views

CVE-2004-1433

Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, and ONS 15600 1.x(x), allows remote attackers to cause a denial of service (control card reset) via malformed (1) TCP and (2) UDP packet...

5CVSS6.7AI score0.03307EPSS

CVE•added 2005/02/13 5:0 a.m.•36 views

CVE-2004-1435

5CVSS6.6AI score0.01191EPSS

CVE•added 2003/03/31 5:0 a.m.•35 views

CVE-2002-1555

Cisco ONS15454 and ONS15327 running ONS before 3.4 uses a "public" SNMP community string that cannot be changed, which allows remote attackers to obtain sensitive information.

5CVSS6.5AI score0.00718EPSS

CVE•added 2003/04/02 5:0 a.m.•34 views

CVE-2002-0952

Cisco ONS15454 optical transport platform running ONS 3.1.0 to 3.2.0 allows remote attackers to cause a denial of service (reset) by sending IP packets with non-zero Type of Service (TOS) bits to the Timing Control Card (TCC) LAN interface.

5CVSS6.7AI score0.00739EPSS

CVE•added 2003/03/31 5:0 a.m.•33 views

CVE-2002-1553

Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote attackers to modify the system configuration and delete files by establishing an FTP connection to the TCC, TCC+ or XTC using a username and password that does not exist.

7.5CVSS6.9AI score0.00741EPSS

CVE•added 2005/02/13 5:0 a.m.•33 views

CVE-2004-1434

Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.1(0) to 4.1(2), 4.5(x), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via malformed SNMP packets.

5CVSS6.7AI score0.02009EPSS

CVE•added 2006/04/07 10:4 a.m.•33 views

CVE-2006-1670

Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910.

7.8CVSS6.8AI score0.01919EPSS

CVE•added 2003/03/31 5:0 a.m.•32 views

CVE-2002-1558

Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote attackers to gain privileges by connecting to the account via Telnet.

10CVSS7AI score0.00925EPSS

CVE•added 2005/02/13 5:0 a.m.•32 views

CVE-2004-1436

The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4.6(0) and 4.6(1) and 15454 and 15454 SDH 4.6(0) and 4.6(1), when a user account is configured with a blank password, allows remote attackers to gain unauthorized access by logging in with a password larger than 10 characters.

7.5CVSS7AI score0.01191EPSS

CVE•added 2003/03/31 5:0 a.m.•27 views

CVE-2002-1557

Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character.

5CVSS6.6AI score0.00486EPSS