cvelistv5 - cve-2004-0306

CVE-2004-0306 (GCVE-0-2004-0306)

Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:17

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.cisco.com/warp/public/707/cisco-sa-200…	vendor-advisoryx_refsource_CISCO
	http://www.securityfocus.com/bid/9699	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:17:14.021Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20040219 Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml"
          },
          {
            "name": "9699",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/9699"
          },
          {
            "name": "cisco-ons-file-upload(15264)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15264"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-02-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2004-03-23T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20040219 Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml"
        },
        {
          "name": "9699",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/9699"
        },
        {
          "name": "cisco-ons-file-upload(15264)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15264"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0306",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20040219 Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml"
            },
            {
              "name": "9699",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/9699"
            },
            {
              "name": "cisco-ons-file-upload(15264)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15264"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0306",
    "datePublished": "2004-09-01T04:00:00",
    "dateReserved": "2004-03-17T00:00:00",
    "dateUpdated": "2024-08-08T00:17:14.021Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:optical_networking_systems_software:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D1888FF-6126-4F40-A7EA-1ED5123FA729\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\\\(1\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10988AA9-A807-4E70-8197-6F9EFC13AE86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\\\(2\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8951276-CDEF-4F54-93DF-B96DB10E6530\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:optical_networking_systems_software:4.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D886A75-5A73-4B1C-8B2A-45D589267B37\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\\\(0\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5A594C2-98BB-4AC5-9CC5-89FE97D63323\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\\\(1\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B35325A-98F6-41DF-ADD8-91ED992A3ED3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\\\(2\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0B06C5B-73C2-47F1-9ED6-B59F9C1C5AF1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\\\(3\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9758019-F6EA-4552-B070-5A9EBE73BB86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:optical_networking_systems_software:4.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E75DB3F4-94A8-4341-9C01-1F0DC25A3402\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:optical_networking_systems_software:4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA524BE1-6B13-455A-96EA-17C1A71BD0F2\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories.\"}, {\"lang\": \"es\", \"value\": \"Cisco ONS 15327 anteriores a 4.1(3), ONS 15454 anteriores a 4.6(1), ONS 15454 SD anteriores a 4.1(3), y Cisco ONS 15600 anteriores a 1.3(0) tienen activo el servicio TFTP en el puerto UDP 69 por defecto, lo que permite a atacantes remotos obtener (GET) o poner (PUT ON) ficheros de sistema en TCC activo acual en los directorios /flash0 y /flash1.\"}]",
      "id": "CVE-2004-0306",
      "lastModified": "2024-11-20T23:48:17.083",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2004-11-23T05:00:00.000",
      "references": "[{\"url\": \"http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/9699\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/15264\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/9699\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/15264\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2004-0306\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2004-11-23T05:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories.\"},{\"lang\":\"es\",\"value\":\"Cisco ONS 15327 anteriores a 4.1(3), ONS 15454 anteriores a 4.6(1), ONS 15454 SD anteriores a 4.1(3), y Cisco ONS 15600 anteriores a 1.3(0) tienen activo el servicio TFTP en el puerto UDP 69 por defecto, lo que permite a atacantes remotos obtener (GET) o poner (PUT ON) ficheros de sistema en TCC activo acual en los directorios /flash0 y /flash1.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:optical_networking_systems_software:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D1888FF-6126-4F40-A7EA-1ED5123FA729\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10988AA9-A807-4E70-8197-6F9EFC13AE86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8951276-CDEF-4F54-93DF-B96DB10E6530\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:optical_networking_systems_software:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D886A75-5A73-4B1C-8B2A-45D589267B37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\\\(0\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5A594C2-98BB-4AC5-9CC5-89FE97D63323\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B35325A-98F6-41DF-ADD8-91ED992A3ED3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0B06C5B-73C2-47F1-9ED6-B59F9C1C5AF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\\\(3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9758019-F6EA-4552-B070-5A9EBE73BB86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:optical_networking_systems_software:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E75DB3F4-94A8-4341-9C01-1F0DC25A3402\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:optical_networking_systems_software:4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA524BE1-6B13-455A-96EA-17C1A71BD0F2\"}]}]}],\"references\":[{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/9699\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/15264\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/9699\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/15264\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GSD-2004-0306

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2004-0306

Aliases

CVE-2004-0306

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2004-0306",
    "description": "Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories.",
    "id": "GSD-2004-0306"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2004-0306"
      ],
      "details": "Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories.",
      "id": "GSD-2004-0306",
      "modified": "2023-12-13T01:22:54.763738Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2004-0306",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20040219 Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Vulnerabilities",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml"
          },
          {
            "name": "9699",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/9699"
          },
          {
            "name": "cisco-ons-file-upload(15264)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15264"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(2\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(2\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(0\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(3\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0306"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "9699",
              "refsource": "BID",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.securityfocus.com/bid/9699"
            },
            {
              "name": "20040219 Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Vulnerabilities",
              "refsource": "CISCO",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml"
            },
            {
              "name": "cisco-ons-file-upload(15264)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15264"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-30T16:26Z",
      "publishedDate": "2004-11-23T05:00Z"
    }
  }
}

GHSA-H4V9-XFR4-CH4G

Vulnerability from github – Published: 2022-04-29 02:57 – Updated: 2022-04-29 02:57

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2004-0306"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2004-11-23T05:00:00Z",
    "severity": "MODERATE"
  },
  "details": "Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories.",
  "id": "GHSA-h4v9-xfr4-ch4g",
  "modified": "2022-04-29T02:57:30Z",
  "published": "2022-04-29T02:57:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0306"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15264"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/9699"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-200411-0074

Vulnerability from variot - Updated: 2024-06-09 23:07

Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories. Cisco Systems optical networking systems software Exists in unspecified vulnerabilities.None. Cisco ONS is a fiber optic network platform developed by CISCO.

There are multiple vulnerabilities in Cisco ONS that can lead to attacks such as unauthorized access to the device, denial of service, or locked account and continued authentication. These control cards are generally isolated from the Internet and connected only to the local network environment. The following vulnerabilities exist:

-CSCec17308 / CSCec19124 (tftp)

The TFTP service uses UDP port 69 by default, allowing GET and PUT commands to be performed without any authentication, and the client can connect to the fiber optic device to upload and download arbitrary user data. TCP 1080 port is used for network management and control card communication. An ACK denial of service attack can cause the control card on a fiber optic device to reset.

-CSCec66884 / CSCec71157 (SU access)

By default, only superusers are allowed to telnet access to the VxWorks operating system. Due to this vulnerability, if the superuser account is blocked, locked and suspended, you can still log in to the VxWorks shell using the set password. It should be noted that the various ONS platforms are intended to be deployed on networks that are physically separated from the Internet, so exposure to these issues by remote attackers is limited

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200411-0074",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.0.0"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "1.0"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.1.0"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.0\\(2\\)"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.1\\(0\\)"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.1\\(3\\)"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.1\\(2\\)"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.1\\(1\\)"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.0\\(1\\)"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.5"
      },
      {
        "model": "ons 15454sdh",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "4.5"
      },
      {
        "model": "ons 15454sdh",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
        "version": "4.1(2)"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
        "version": "4.0.0"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
        "version": "4.1(0)"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
        "version": "1.0"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
        "version": "4.1(1)"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
        "version": "4.5"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
        "version": "4.0(2)"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
        "version": null
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
        "version": "4.1.0"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
        "version": "4.0(1)"
      },
      {
        "model": "optical networking systems software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
        "version": "4.1(3)"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.6,
        "vendor": "none",
        "version": null
      },
      {
        "model": "ons 15454 optical transport platform",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "4.1\\(3\\)"
      },
      {
        "model": "ons 15454 optical transport platform",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "4.1\\(1\\)"
      },
      {
        "model": "ons 15454 optical transport platform",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "4.1\\(2\\)"
      },
      {
        "model": "ons 15454sdh",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "4.1\\(1\\)"
      },
      {
        "model": "ons 15454sdh",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "4.1\\(0\\)"
      },
      {
        "model": "ons 15454sdh",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "4.1\\(2\\)"
      },
      {
        "model": "ons 15600",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "1.0"
      },
      {
        "model": "ons 15454 optical transport platform",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "4.0\\(1\\)"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "optical networking",
        "version": "1.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "optical networking",
        "version": "4.0(1)"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "optical networking",
        "version": "4.0(2)"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "optical networking",
        "version": "4.0.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "optical networking",
        "version": "4.1(0)"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "optical networking",
        "version": "4.1(1)"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "optical networking",
        "version": "4.1(2)"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "optical networking",
        "version": "4.1(3)"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "optical networking",
        "version": "4.1.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "optical networking",
        "version": "4.5"
      },
      {
        "model": "ons",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "156001.0"
      },
      {
        "model": "ons 15454sdh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1(2)"
      },
      {
        "model": "ons 15454sdh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1(1)"
      },
      {
        "model": "ons 15454sdh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1(0)"
      },
      {
        "model": "ons optical transport platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154544.1(3)"
      },
      {
        "model": "ons optical transport platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154544.1(2)"
      },
      {
        "model": "ons optical transport platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154544.1(1)"
      },
      {
        "model": "ons optical transport platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154544.1(0)"
      },
      {
        "model": "ons optical transport platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154544.1"
      },
      {
        "model": "ons optical transport platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154544.0(1)"
      },
      {
        "model": "ons optical transport platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154544.0"
      },
      {
        "model": "ons",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "153274.1(2)"
      },
      {
        "model": "ons",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "153274.1(1)"
      },
      {
        "model": "ons",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "153274.1(0)"
      },
      {
        "model": "ons",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "153274.0(2)"
      },
      {
        "model": "ons",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "153274.0(1)"
      },
      {
        "model": "ons",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "153274.0"
      },
      {
        "model": "ons",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "156001.3(0)"
      },
      {
        "model": "ons",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "156001.1(1)"
      },
      {
        "model": "ons",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "156001.1(0)"
      },
      {
        "model": "ons 15454sdh",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.6(1)"
      },
      {
        "model": "ons optical transport platform",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154544.1(3)"
      },
      {
        "model": "ons optical transport platform",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154544.1(1)"
      },
      {
        "model": "ons optical transport platform",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "154544.0(2)"
      },
      {
        "model": "ons",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "153274.1(3)"
      },
      {
        "model": "ons",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "153274.1(1)"
      },
      {
        "model": "ons",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "153274.0(2)"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ebe2df6a-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7fc400-463f-11e9-a58e-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2004-0503"
      },
      {
        "db": "BID",
        "id": "9699"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000939"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200411-121"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0306"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(2\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(2\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(0\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(3\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-0306"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Security Advisory",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200411-121"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2004-0306",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2004-0306",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "ebe2df6a-23cc-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "7d7fc400-463f-11e9-a58e-000c29342cb1",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-8736",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2004-0306",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200411-121",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "ebe2df6a-23cc-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "7d7fc400-463f-11e9-a58e-000c29342cb1",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-8736",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ebe2df6a-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7fc400-463f-11e9-a58e-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-8736"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000939"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200411-121"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0306"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories. Cisco Systems optical networking systems software Exists in unspecified vulnerabilities.None. Cisco ONS is a fiber optic network platform developed by CISCO. \n\n\u00a0There are multiple vulnerabilities in Cisco ONS that can lead to attacks such as unauthorized access to the device, denial of service, or locked account and continued authentication. These control cards are generally isolated from the Internet and connected only to the local network environment. The following vulnerabilities exist:\n\n\u00a0-CSCec17308 / CSCec19124 (tftp)\n\n\u00a0The TFTP service uses UDP port 69 by default, allowing GET and PUT commands to be performed without any authentication, and the client can connect to the fiber optic device to upload and download arbitrary user data. TCP 1080 port is used for network management and control card communication. An ACK denial of service attack can cause the control card on a fiber optic device to reset. \n\n\u00a0-CSCec66884 / CSCec71157 (SU access)\n\n\u00a0By default, only superusers are allowed to telnet access to the VxWorks operating system. Due to this vulnerability, if the superuser account is blocked, locked and suspended, you can still log in to the VxWorks shell using the set password. \nIt should be noted that the various ONS platforms are intended to be deployed on networks that are physically separated from the Internet, so exposure to these issues by remote attackers is limited",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-0306"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000939"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2004-0503"
      },
      {
        "db": "BID",
        "id": "9699"
      },
      {
        "db": "IVD",
        "id": "ebe2df6a-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7fc400-463f-11e9-a58e-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-8736"
      }
    ],
    "trust": 2.88
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2004-0306",
        "trust": 4.6
      },
      {
        "db": "BID",
        "id": "9699",
        "trust": 2.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200411-121",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2004-0503",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000939",
        "trust": 0.8
      },
      {
        "db": "XF",
        "id": "15264",
        "trust": 0.6
      },
      {
        "db": "CISCO",
        "id": "20040219 CISCO ONS 15327, ONS 15454, ONS 15454 SDH, AND ONS 15600 VULNERABILITIES",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "EBE2DF6A-23CC-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "7D7FC400-463F-11E9-A58E-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-8736",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ebe2df6a-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7fc400-463f-11e9-a58e-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2004-0503"
      },
      {
        "db": "VULHUB",
        "id": "VHN-8736"
      },
      {
        "db": "BID",
        "id": "9699"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000939"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200411-121"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0306"
      }
    ]
  },
  "id": "VAR-200411-0074",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "ebe2df6a-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7fc400-463f-11e9-a58e-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2004-0503"
      },
      {
        "db": "VULHUB",
        "id": "VHN-8736"
      }
    ],
    "trust": 0.11000000000000001
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "IoT",
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      },
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.4
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ebe2df6a-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7fc400-463f-11e9-a58e-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2004-0503"
      }
    ]
  },
  "last_update_date": "2024-06-09T23:07:21.232000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Cisco\u00a0ONS\u00a015327",
        "trust": 0.8,
        "url": "https://www.cisco.com/web/jp/product/hs/optical/ons15327/prodlit/pdf/0261_on15327.pdf"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000939"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "others (CWE-Other) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000939"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0306"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040219-ons.shtml"
      },
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/9699"
      },
      {
        "trust": 1.9,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15264"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0306"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/15264"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-8736"
      },
      {
        "db": "BID",
        "id": "9699"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000939"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200411-121"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0306"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "ebe2df6a-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7fc400-463f-11e9-a58e-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2004-0503"
      },
      {
        "db": "VULHUB",
        "id": "VHN-8736"
      },
      {
        "db": "BID",
        "id": "9699"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000939"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200411-121"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0306"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2004-02-19T00:00:00",
        "db": "IVD",
        "id": "ebe2df6a-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2004-02-19T00:00:00",
        "db": "IVD",
        "id": "7d7fc400-463f-11e9-a58e-000c29342cb1"
      },
      {
        "date": "2004-02-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2004-0503"
      },
      {
        "date": "2004-11-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-8736"
      },
      {
        "date": "2004-02-19T00:00:00",
        "db": "BID",
        "id": "9699"
      },
      {
        "date": "2024-06-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2004-000939"
      },
      {
        "date": "2004-02-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200411-121"
      },
      {
        "date": "2004-11-23T05:00:00",
        "db": "NVD",
        "id": "CVE-2004-0306"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2004-02-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2004-0503"
      },
      {
        "date": "2018-10-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-8736"
      },
      {
        "date": "2009-07-12T03:06:00",
        "db": "BID",
        "id": "9699"
      },
      {
        "date": "2024-06-07T09:02:00",
        "db": "JVNDB",
        "id": "JVNDB-2004-000939"
      },
      {
        "date": "2005-05-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200411-121"
      },
      {
        "date": "2018-10-30T16:26:17.390000",
        "db": "NVD",
        "id": "CVE-2004-0306"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200411-121"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Systems \u00a0optical\u00a0networking\u00a0systems\u00a0software\u00a0 Vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000939"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "unknown",
    "sources": [
      {
        "db": "IVD",
        "id": "ebe2df6a-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7fc400-463f-11e9-a58e-000c29342cb1"
      },
      {
        "db": "BID",
        "id": "9699"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200411-121"
      }
    ],
    "trust": 1.3
  }
}

FKIE_CVE-2004-0306

Vulnerability from fkie_nvd - Published: 2004-11-23 05:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/9699	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/15264
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/9699	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/15264

Impacted products

Vendor	Product	Version
cisco	optical_networking_systems_software	1.0
cisco	optical_networking_systems_software	4.0\(1\)
cisco	optical_networking_systems_software	4.0\(2\)
cisco	optical_networking_systems_software	4.0.0
cisco	optical_networking_systems_software	4.1\(0\)
cisco	optical_networking_systems_software	4.1\(1\)
cisco	optical_networking_systems_software	4.1\(2\)
cisco	optical_networking_systems_software	4.1\(3\)
cisco	optical_networking_systems_software	4.1.0
cisco	optical_networking_systems_software	4.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1888FF-6126-4F40-A7EA-1ED5123FA729",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "10988AA9-A807-4E70-8197-6F9EFC13AE86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C8951276-CDEF-4F54-93DF-B96DB10E6530",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D886A75-5A73-4B1C-8B2A-45D589267B37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A594C2-98BB-4AC5-9CC5-89FE97D63323",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9B35325A-98F6-41DF-ADD8-91ED992A3ED3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B06C5B-73C2-47F1-9ED6-B59F9C1C5AF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D9758019-F6EA-4552-B070-5A9EBE73BB86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E75DB3F4-94A8-4341-9C01-1F0DC25A3402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA524BE1-6B13-455A-96EA-17C1A71BD0F2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories."
    },
    {
      "lang": "es",
      "value": "Cisco ONS 15327 anteriores a 4.1(3), ONS 15454 anteriores a 4.6(1), ONS 15454 SD anteriores a 4.1(3), y Cisco ONS 15600 anteriores a 1.3(0) tienen activo el servicio TFTP en el puerto UDP 69 por defecto, lo que permite a atacantes remotos obtener (GET) o poner (PUT ON) ficheros de sistema en TCC activo acual en los directorios /flash0 y /flash1."
    }
  ],
  "id": "CVE-2004-0306",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-11-23T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/9699"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15264"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/9699"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15264"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2004-0306 (GCVE-0-2004-0306)

GSD-2004-0306

GHSA-H4V9-XFR4-CH4G

VAR-200411-0074

FKIE_CVE-2004-0306

Tags

Sightings

Nomenclature