All the vulnerabilites related to cisco - ons_15454
Vulnerability from fkie_nvd
Published
2013-12-18 16:04
Modified
2024-11-21 01:59
Severity ?
Summary
The tNetTaskLimit process on the Transport Node Controller (TNC) on Cisco ONS 15454 devices with software 9.6 and earlier does not properly prioritize health pings, which allows remote attackers to cause a denial of service (watchdog timeout and TNC reset) via a flood of network traffic, aka Bug ID CSCud97155.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6701 | Vendor Advisory | |
| ykramarz@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=32200 | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1029512 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6701 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=32200 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029512 | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "383BBBEE-F2B8-4CD4-9390-73E536D3C716",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD64656F-0FA2-4F1A-9777-C37686DE9E31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "95EB5962-F6D9-4606-A28B-521CAAA5B696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAE1275-EC96-4898-96A9-15B00414FB51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C01C932-64BC-48F5-8037-81A58B8DC6F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DE3CF6F-1FED-4402-BF98-21C0CBF9FDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "97521058-BCB4-4152-B8FA-EF959966A892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C5C0E1C0-BBE2-41CA-9144-B3A35E929BCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ons_15454_mspp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E3A7E4-39CD-44B9-B72D-0C9B810A2158",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ons_15454_mstp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B98B943-24D6-4B37-A44F-0E3985BBB54E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ons_15454e_optical_transport_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9442E2B1-6D21-46FC-9782-CD441254EEFB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ons_15454:*:*:*:*:*:*:*:*",
"matchCriteriaId": "054BA906-B607-4A65-A6E3-D3D7F8096235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:ons_15454_multiservice_transport_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "143ECB17-B9C3-4BBC-A308-D5E8A4E1D75C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:ons_15454_sdh_multiservice_provisioning_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC82D55D-7565-4E74-9D4A-19BB5F87D067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:ons_15454_sonet_multiservice_provisioning_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D44F084-DF53-47D4-8E2D-B969528E07EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The tNetTaskLimit process on the Transport Node Controller (TNC) on Cisco ONS 15454 devices with software 9.6 and earlier does not properly prioritize health pings, which allows remote attackers to cause a denial of service (watchdog timeout and TNC reset) via a flood of network traffic, aka Bug ID CSCud97155."
},
{
"lang": "es",
"value": "El proceso tNetTaskLimit en Transport Node Controller (TNC) en dispositivos Cisco ONS 15454 con software 9.6 y anteriores no prioriza correctamente pings sanitarios, lo cual permite a atacantes remotos causar denegaci\u00f3n de servicio (watchdog timeout y reinicio del TNC) a trav\u00e9s de inundaci\u00f3n del tr\u00e1fico de red, tambi\u00e9n conocido como Bug ID CSCud97155."
}
],
"id": "CVE-2013-6701",
"lastModified": "2024-11-21T01:59:34.770",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-12-18T16:04:34.350",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6701"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32200"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029512"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-03 19:56
Modified
2024-11-21 01:59
Severity ?
Summary
The TLS/SSLv3 module on Cisco ONS 15454 controller cards allows remote attackers to cause a denial of service (card reset) via crafted (1) TLS or (2) SSLv3 packets, aka Bug ID CSCuh34787.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6703 | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1029422 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6703 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029422 | Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ons_15454:*:*:*:*:*:*:*:*",
"matchCriteriaId": "054BA906-B607-4A65-A6E3-D3D7F8096235",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TLS/SSLv3 module on Cisco ONS 15454 controller cards allows remote attackers to cause a denial of service (card reset) via crafted (1) TLS or (2) SSLv3 packets, aka Bug ID CSCuh34787."
},
{
"lang": "es",
"value": "El m\u00f3dulo TLS/SSLv3 en tarjetas controladoras de Cisco ONS 15454 permite a atacantes remotos causar denegaci\u00f3n de servicio (reinicio de la tarjeta) a trav\u00e9s de paquetes (1) TLS o (2) SSLv3, tambi\u00e9n conocido como Bug ID CSCuh34787."
}
],
"id": "CVE-2013-6703",
"lastModified": "2024-11-21T01:59:34.987",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-12-03T19:56:32.280",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6703"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029422"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-12 04:37
Modified
2024-11-21 02:05
Severity ?
Summary
Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (card reset) via a TCP FIN attack that triggers file-descriptor exhaustion and a failure to open a CAL pipe, aka Bug ID CSCug97348.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | cisco_ons_15454_system_software | * | |
| cisco | cisco_ons_15454_system_software | 9.0 | |
| cisco | cisco_ons_15454_system_software | 9.1 | |
| cisco | cisco_ons_15454_system_software | 9.2 | |
| cisco | cisco_ons_15454_system_software | 9.2.1 | |
| cisco | cisco_ons_15454_system_software | 9.2.2 | |
| cisco | cisco_ons_15454_system_software | 9.3 | |
| cisco | cisco_ons_15454_system_software | 9.4 | |
| cisco | ons_15454 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C445CA-51E4-45F7-873B-2A1DC2734F8F",
"versionEndIncluding": "9.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "383BBBEE-F2B8-4CD4-9390-73E536D3C716",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD64656F-0FA2-4F1A-9777-C37686DE9E31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "95EB5962-F6D9-4606-A28B-521CAAA5B696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAE1275-EC96-4898-96A9-15B00414FB51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C01C932-64BC-48F5-8037-81A58B8DC6F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DE3CF6F-1FED-4402-BF98-21C0CBF9FDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "97521058-BCB4-4152-B8FA-EF959966A892",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ons_15454:*:*:*:*:*:*:*:*",
"matchCriteriaId": "054BA906-B607-4A65-A6E3-D3D7F8096235",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (card reset) via a TCP FIN attack that triggers file-descriptor exhaustion and a failure to open a CAL pipe, aka Bug ID CSCug97348."
},
{
"lang": "es",
"value": "Las tarjetas de controlador de Cisco ONS 15454 con software 9.6 y anteriores permiten a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio de tarjeta) a trav\u00e9s de un ataque TCP FIN que provoca agotamiento de descriptores de archivo y un fallo de apertura de una tuber\u00eda CAL, tambi\u00e9n conocido como Bug ID CSCug97348."
}
],
"id": "CVE-2014-2140",
"lastModified": "2024-11-21T02:05:43.760",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-12T04:37:31.847",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2140"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33680"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-01-16 21:30
Modified
2024-11-21 00:50
Severity ?
Summary
Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ons:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4A568B-304B-4523-9441-1179D372BA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ons:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5DCC483E-B58E-403C-8080-FB0B0DCB777F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ons:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "37416556-05E2-48F8-ABED-038459B0FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ons:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2E8DD7-5086-4073-990B-5F5D92FAEF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ons:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1449B3C0-A485-4E8A-8337-64C1E85596E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ons:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "682C2AF5-EB85-437B-A147-5CB92610A8C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ons:8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49A99E5A-6190-458F-9191-5CEA774F121C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ons:8.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE6182B-2A77-47B1-AB8A-8E12C2CD905E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ons:8.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62992D9B-8D46-436A-B115-F7B687A24776",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ons_15310-cl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67D1F3C9-85A5-44F9-8198-28FFDF87A3C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ons_15310-ma:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3769407E-D311-45DF-86D7-46098F5B6C36",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ons_15327:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98E52B-161E-41B7-BCFD-EA6E53FA23B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ons_15454:*:*:*:*:*:*:*:*",
"matchCriteriaId": "054BA906-B607-4A65-A6E3-D3D7F8096235",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ons_15454sdh:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FE53BD6-BE23-40A5-BE4E-62B3088EC8B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ons_15600:*:*:*:*:*:*:*:*",
"matchCriteriaId": "811149AD-89DC-4D93-A598-F6318C9EA64B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session."
},
{
"lang": "es",
"value": "Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, y 15600 con software v7.0.2 hasta v7.0.6, v7.2.2, v8.0.x, v8.5.1, y v8.5.2 permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio de tarjeta de control) mediante una sesi\u00f3n TCP manipulada."
}
],
"id": "CVE-2008-3818",
"lastModified": "2024-11-21T00:50:11.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-01-16T21:30:00.187",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://securitytracker.com/id?1021592"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4fa.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/33261"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2009/0139"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1021592"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4fa.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/33261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47940"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-12 04:37
Modified
2024-11-21 02:05
Severity ?
Summary
Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (flash write outage) via a TCP FIN attack that triggers file-descriptor exhaustion, aka Bug ID CSCug97315.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | cisco_ons_15454_system_software | * | |
| cisco | cisco_ons_15454_system_software | 9.0 | |
| cisco | cisco_ons_15454_system_software | 9.1 | |
| cisco | cisco_ons_15454_system_software | 9.2 | |
| cisco | cisco_ons_15454_system_software | 9.2.1 | |
| cisco | cisco_ons_15454_system_software | 9.2.2 | |
| cisco | cisco_ons_15454_system_software | 9.3 | |
| cisco | cisco_ons_15454_system_software | 9.4 | |
| cisco | ons_15454 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C445CA-51E4-45F7-873B-2A1DC2734F8F",
"versionEndIncluding": "9.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "383BBBEE-F2B8-4CD4-9390-73E536D3C716",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD64656F-0FA2-4F1A-9777-C37686DE9E31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "95EB5962-F6D9-4606-A28B-521CAAA5B696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAE1275-EC96-4898-96A9-15B00414FB51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C01C932-64BC-48F5-8037-81A58B8DC6F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DE3CF6F-1FED-4402-BF98-21C0CBF9FDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "97521058-BCB4-4152-B8FA-EF959966A892",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ons_15454:*:*:*:*:*:*:*:*",
"matchCriteriaId": "054BA906-B607-4A65-A6E3-D3D7F8096235",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (flash write outage) via a TCP FIN attack that triggers file-descriptor exhaustion, aka Bug ID CSCug97315."
},
{
"lang": "es",
"value": "Las tarjetas de controlador de Cisco ONS 15454 con software 9.6 y anteriores permiten a atacantes remotos causar una denegaci\u00f3n de servicio (interrupci\u00f3n de escritura flash) a trav\u00e9s de un ataque TCP FIN que provoca agotamiento de descriptor de archivo, tambi\u00e9n conocido como Bug ID CSCug97315."
}
],
"id": "CVE-2014-2139",
"lastModified": "2024-11-21T02:05:43.643",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-12T04:37:31.817",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2139"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33681"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-10 04:34
Modified
2024-11-21 02:05
Severity ?
Summary
The session-termination functionality on Cisco ONS 15454 controller cards with software 9.6 and earlier does not initialize an unspecified pointer, which allows remote authenticated users to cause a denial of service (card reset) via crafted session-close actions, aka Bug ID CSCug97416.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | cisco_ons_15454_system_software | * | |
| cisco | cisco_ons_15454_system_software | 9.0 | |
| cisco | cisco_ons_15454_system_software | 9.1 | |
| cisco | cisco_ons_15454_system_software | 9.2 | |
| cisco | cisco_ons_15454_system_software | 9.2.1 | |
| cisco | cisco_ons_15454_system_software | 9.2.2 | |
| cisco | cisco_ons_15454_system_software | 9.3 | |
| cisco | cisco_ons_15454_system_software | 9.4 | |
| cisco | ons_15454 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C445CA-51E4-45F7-873B-2A1DC2734F8F",
"versionEndIncluding": "9.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "383BBBEE-F2B8-4CD4-9390-73E536D3C716",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD64656F-0FA2-4F1A-9777-C37686DE9E31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "95EB5962-F6D9-4606-A28B-521CAAA5B696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAE1275-EC96-4898-96A9-15B00414FB51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C01C932-64BC-48F5-8037-81A58B8DC6F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DE3CF6F-1FED-4402-BF98-21C0CBF9FDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "97521058-BCB4-4152-B8FA-EF959966A892",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ons_15454:*:*:*:*:*:*:*:*",
"matchCriteriaId": "054BA906-B607-4A65-A6E3-D3D7F8096235",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The session-termination functionality on Cisco ONS 15454 controller cards with software 9.6 and earlier does not initialize an unspecified pointer, which allows remote authenticated users to cause a denial of service (card reset) via crafted session-close actions, aka Bug ID CSCug97416."
},
{
"lang": "es",
"value": "La funcionalidad de terminaci\u00f3n de sesi\u00f3n en las tarjetas de controlador de Cisco ONS 15454 con software 9.6 y anteriores no inicializa un puntero no especificado, lo que permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (reinicio de tarjeta) a trav\u00e9s de acciones de cierre de sesi\u00f3n manipuladas, tambi\u00e9n conocido como Bug ID CSCug97416."
}
],
"id": "CVE-2014-2141",
"lastModified": "2024-11-21T02:05:43.877",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-10T04:34:51.053",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2141"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33682"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33682"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-12 04:37
Modified
2024-11-21 02:05
Severity ?
Summary
Cisco ONS 15454 controller cards with software 10.0 and earlier allow remote attackers to cause a denial of service (card reload) via a crafted HTTP URI, aka Bug ID CSCun06870.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "383BBBEE-F2B8-4CD4-9390-73E536D3C716",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD64656F-0FA2-4F1A-9777-C37686DE9E31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "95EB5962-F6D9-4606-A28B-521CAAA5B696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAE1275-EC96-4898-96A9-15B00414FB51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C01C932-64BC-48F5-8037-81A58B8DC6F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DE3CF6F-1FED-4402-BF98-21C0CBF9FDF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "97521058-BCB4-4152-B8FA-EF959966A892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ons_15454_system_software:9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C5C0E1C0-BBE2-41CA-9144-B3A35E929BCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ons_15454_system_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A96FD4F8-4C27-4955-BF8B-56E010BE1CDC",
"versionEndIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ons_15454_system_software:9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "716866EA-4AE7-48B3-B981-76F659EF829B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ons_15454:*:*:*:*:*:*:*:*",
"matchCriteriaId": "054BA906-B607-4A65-A6E3-D3D7F8096235",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco ONS 15454 controller cards with software 10.0 and earlier allow remote attackers to cause a denial of service (card reload) via a crafted HTTP URI, aka Bug ID CSCun06870."
},
{
"lang": "es",
"value": "Las tarjetas de controlador de Cisco ONS 15454 con software 10.0 y anteriores permiten a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio de tarjeta) a trav\u00e9s de una URI HTTP manipulada, tambi\u00e9n conocido como Bug ID CSCun06870."
}
],
"id": "CVE-2014-2142",
"lastModified": "2024-11-21T02:05:43.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-12T04:37:31.877",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2142"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33679"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-04 18:56
Modified
2024-11-21 01:59
Severity ?
Summary
The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6702 | Vendor Advisory | |
| ykramarz@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=31999 | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1029421 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6702 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=31999 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029421 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ons_15454_firmware | * | |
| cisco | ons_15454 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ons_15454_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F28C594-1B96-430A-AA08-2254DF097E40",
"versionEndIncluding": "9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ons_15454:*:*:*:*:*:*:*:*",
"matchCriteriaId": "054BA906-B607-4A65-A6E3-D3D7F8096235",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de gesti\u00f3n en tarjetas controladoras Cisco ONS 15454 con softare 9.8 y anteriores permite a atacantes remotos causar denegaci\u00f3n de servicio (reinicio de la tarjeta) a trav\u00e9s de paquetes manipulados, tambi\u00e9n conocido como Bug ID CSCtz50902."
}
],
"id": "CVE-2013-6702",
"lastModified": "2024-11-21T01:59:34.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-12-04T18:56:56.617",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6702"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31999"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029421"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6702"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029421"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2014-2142
Vulnerability from cvelistv5
Published
2014-04-12 01:00
Modified
2024-08-06 10:05
Severity ?
EPSS score ?
Summary
Cisco ONS 15454 controller cards with software 10.0 and earlier allow remote attackers to cause a denial of service (card reload) via a crafted HTTP URI, aka Bug ID CSCun06870.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=33679 | x_refsource_CONFIRM | |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2142 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:05:59.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33679"
},
{
"name": "20140407 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2142"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco ONS 15454 controller cards with software 10.0 and earlier allow remote attackers to cause a denial of service (card reload) via a crafted HTTP URI, aka Bug ID CSCun06870."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-12T01:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33679"
},
{
"name": "20140407 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2142"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2142",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco ONS 15454 controller cards with software 10.0 and earlier allow remote attackers to cause a denial of service (card reload) via a crafted HTTP URI, aka Bug ID CSCun06870."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33679",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33679"
},
{
"name": "20140407 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2142"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-2142",
"datePublished": "2014-04-12T01:00:00",
"dateReserved": "2014-02-25T00:00:00",
"dateUpdated": "2024-08-06T10:05:59.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6703
Vulnerability from cvelistv5
Published
2013-12-03 19:00
Modified
2024-08-06 17:46
Severity ?
EPSS score ?
Summary
The TLS/SSLv3 module on Cisco ONS 15454 controller cards allows remote attackers to cause a denial of service (card reset) via crafted (1) TLS or (2) SSLv3 packets, aka Bug ID CSCuh34787.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6703 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1029422 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:22.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20131203 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6703"
},
{
"name": "1029422",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029422"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TLS/SSLv3 module on Cisco ONS 15454 controller cards allows remote attackers to cause a denial of service (card reset) via crafted (1) TLS or (2) SSLv3 packets, aka Bug ID CSCuh34787."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-08T14:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20131203 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6703"
},
{
"name": "1029422",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029422"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-6703",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TLS/SSLv3 module on Cisco ONS 15454 controller cards allows remote attackers to cause a denial of service (card reset) via crafted (1) TLS or (2) SSLv3 packets, aka Bug ID CSCuh34787."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20131203 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6703"
},
{
"name": "1029422",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029422"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-6703",
"datePublished": "2013-12-03T19:00:00",
"dateReserved": "2013-11-07T00:00:00",
"dateUpdated": "2024-08-06T17:46:22.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2139
Vulnerability from cvelistv5
Published
2014-04-12 01:00
Modified
2024-08-06 10:05
Severity ?
EPSS score ?
Summary
Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (flash write outage) via a TCP FIN attack that triggers file-descriptor exhaustion, aka Bug ID CSCug97315.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=33681 | x_refsource_CONFIRM | |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2139 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:05:59.690Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33681"
},
{
"name": "20140407 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2139"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (flash write outage) via a TCP FIN attack that triggers file-descriptor exhaustion, aka Bug ID CSCug97315."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-12T01:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33681"
},
{
"name": "20140407 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2139"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (flash write outage) via a TCP FIN attack that triggers file-descriptor exhaustion, aka Bug ID CSCug97315."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33681",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33681"
},
{
"name": "20140407 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2139"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-2139",
"datePublished": "2014-04-12T01:00:00",
"dateReserved": "2014-02-25T00:00:00",
"dateUpdated": "2024-08-06T10:05:59.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6702
Vulnerability from cvelistv5
Published
2013-12-04 15:00
Modified
2024-08-06 17:46
Severity ?
EPSS score ?
Summary
The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6702 | vendor-advisory, x_refsource_CISCO | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=31999 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1029421 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:22.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20131203 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6702"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31999"
},
{
"name": "1029421",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029421"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-08T14:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20131203 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6702"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31999"
},
{
"name": "1029421",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029421"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-6702",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20131203 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6702"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31999",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31999"
},
{
"name": "1029421",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029421"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-6702",
"datePublished": "2013-12-04T15:00:00",
"dateReserved": "2013-11-07T00:00:00",
"dateUpdated": "2024-08-06T17:46:22.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2141
Vulnerability from cvelistv5
Published
2014-04-10 01:00
Modified
2024-08-06 10:05
Severity ?
EPSS score ?
Summary
The session-termination functionality on Cisco ONS 15454 controller cards with software 9.6 and earlier does not initialize an unspecified pointer, which allows remote authenticated users to cause a denial of service (card reset) via crafted session-close actions, aka Bug ID CSCug97416.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2141 | vendor-advisory, x_refsource_CISCO | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=33682 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:05:59.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140407 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2141"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33682"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The session-termination functionality on Cisco ONS 15454 controller cards with software 9.6 and earlier does not initialize an unspecified pointer, which allows remote authenticated users to cause a denial of service (card reset) via crafted session-close actions, aka Bug ID CSCug97416."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-10T01:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20140407 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2141"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33682"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2141",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The session-termination functionality on Cisco ONS 15454 controller cards with software 9.6 and earlier does not initialize an unspecified pointer, which allows remote authenticated users to cause a denial of service (card reset) via crafted session-close actions, aka Bug ID CSCug97416."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140407 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2141"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33682",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33682"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-2141",
"datePublished": "2014-04-10T01:00:00",
"dateReserved": "2014-02-25T00:00:00",
"dateUpdated": "2024-08-06T10:05:59.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3818
Vulnerability from cvelistv5
Published
2009-01-16 21:00
Modified
2024-08-07 09:53
Severity ?
EPSS score ?
Summary
Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/47940 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2009/0139 | vdb-entry, x_refsource_VUPEN | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4fa.shtml | vendor-advisory, x_refsource_CISCO | |
| http://securitytracker.com/id?1021592 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/33261 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:53:00.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-ons-controlcard-dos(47940)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47940"
},
{
"name": "ADV-2009-0139",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0139"
},
{
"name": "20090114 Cisco ONS Platform Crafted Packet Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4fa.shtml"
},
{
"name": "1021592",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021592"
},
{
"name": "33261",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33261"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-01-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-ons-controlcard-dos(47940)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47940"
},
{
"name": "ADV-2009-0139",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0139"
},
{
"name": "20090114 Cisco ONS Platform Crafted Packet Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4fa.shtml"
},
{
"name": "1021592",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021592"
},
{
"name": "33261",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33261"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2008-3818",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cisco-ons-controlcard-dos(47940)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47940"
},
{
"name": "ADV-2009-0139",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0139"
},
{
"name": "20090114 Cisco ONS Platform Crafted Packet Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4fa.shtml"
},
{
"name": "1021592",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021592"
},
{
"name": "33261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33261"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2008-3818",
"datePublished": "2009-01-16T21:00:00",
"dateReserved": "2008-08-27T00:00:00",
"dateUpdated": "2024-08-07T09:53:00.276Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2140
Vulnerability from cvelistv5
Published
2014-04-12 01:00
Modified
2024-08-06 10:06
Severity ?
EPSS score ?
Summary
Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (card reset) via a TCP FIN attack that triggers file-descriptor exhaustion and a failure to open a CAL pipe, aka Bug ID CSCug97348.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=33680 | x_refsource_CONFIRM | |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2140 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:06:00.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33680"
},
{
"name": "20140407 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2140"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (card reset) via a TCP FIN attack that triggers file-descriptor exhaustion and a failure to open a CAL pipe, aka Bug ID CSCug97348."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-12T01:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33680"
},
{
"name": "20140407 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2140"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2140",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (card reset) via a TCP FIN attack that triggers file-descriptor exhaustion and a failure to open a CAL pipe, aka Bug ID CSCug97348."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33680",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33680"
},
{
"name": "20140407 Cisco ONS 15454 Controller Card Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2140"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-2140",
"datePublished": "2014-04-12T01:00:00",
"dateReserved": "2014-02-25T00:00:00",
"dateUpdated": "2024-08-06T10:06:00.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6701
Vulnerability from cvelistv5
Published
2013-12-18 11:00
Modified
2024-08-06 17:46
Severity ?
EPSS score ?
Summary
The tNetTaskLimit process on the Transport Node Controller (TNC) on Cisco ONS 15454 devices with software 9.6 and earlier does not properly prioritize health pings, which allows remote attackers to cause a denial of service (watchdog timeout and TNC reset) via a flood of network traffic, aka Bug ID CSCud97155.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1029512 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6701 | vendor-advisory, x_refsource_CISCO | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=32200 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:22.442Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1029512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029512"
},
{
"name": "20131217 Cisco ONS 15454 Transport Node Controller Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6701"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32200"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The tNetTaskLimit process on the Transport Node Controller (TNC) on Cisco ONS 15454 devices with software 9.6 and earlier does not properly prioritize health pings, which allows remote attackers to cause a denial of service (watchdog timeout and TNC reset) via a flood of network traffic, aka Bug ID CSCud97155."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-08T14:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1029512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029512"
},
{
"name": "20131217 Cisco ONS 15454 Transport Node Controller Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6701"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32200"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-6701",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The tNetTaskLimit process on the Transport Node Controller (TNC) on Cisco ONS 15454 devices with software 9.6 and earlier does not properly prioritize health pings, which allows remote attackers to cause a denial of service (watchdog timeout and TNC reset) via a flood of network traffic, aka Bug ID CSCud97155."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1029512",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029512"
},
{
"name": "20131217 Cisco ONS 15454 Transport Node Controller Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6701"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32200",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32200"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-6701",
"datePublished": "2013-12-18T11:00:00",
"dateReserved": "2013-11-07T00:00:00",
"dateUpdated": "2024-08-06T17:46:22.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}