var-200412-0195
Vulnerability from variot
Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, and ONS 15600 1.x(x), allows remote attackers to cause a denial of service (control card reset) via malformed (1) TCP and (2) UDP packets. A vulnerability exists in multiple control cards used by Cisco ONS devices. This vulnerability could allow a remote attacker to cause a denial-of-service condition. Most of the reported issues are related to handling of malformed packets, resulting in a denial of service condition. However, an authentication bypass vulnerability has also been reported to affect some platforms. Attackers can send malformed IP, ICMP, TCP and UDP packets to cause XTC, TCC/TCC+/TCC2 and TCCi/TCC2 control cards to reboot. Repeated issuance of these malformed packets can cause the control card to stop responding to normal services. The CSCee27329 (passwd) vulnerability is that if the account is set with an empty password, then the device can be successfully authenticated by using a password exceeding 10 characters to log in to the device. This vulnerability only affects the TL1 login interface. The CTC login interface is not affected by this vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0195",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 5.6,
"vendor": "cisco",
"version": null
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(2\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0\\(2\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3\\(5\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(3\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.6\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.6\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.0\\(1\\)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.0\\(0\\)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.1\\(1\\)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.1\\(0\\)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.1\\(2\\)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.0\\(2\\)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.3(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.6(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.6(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(3)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(2)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0(2)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.4"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.3"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.2"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.1"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800384"
},
{
"db": "CERT/CC",
"id": "VU#969344"
},
{
"db": "CERT/CC",
"id": "VU#918920"
},
{
"db": "CERT/CC",
"id": "VU#277048"
},
{
"db": "CERT/CC",
"id": "VU#486224"
},
{
"db": "CERT/CC",
"id": "VU#548968"
},
{
"db": "CERT/CC",
"id": "VU#760432"
},
{
"db": "BID",
"id": "10768"
},
{
"db": "NVD",
"id": "CVE-2004-1433"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-461"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.6\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:2.3\\(5\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.6\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.3\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1433"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco PSIRT\u203b psirt@cisco.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-461"
}
],
"trust": 0.6
},
"cve": "CVE-2004-1433",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-9863",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-1433",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#800384",
"trust": 0.8,
"value": "8.03"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#969344",
"trust": 0.8,
"value": "8.03"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#918920",
"trust": 0.8,
"value": "8.03"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#277048",
"trust": 0.8,
"value": "8.03"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#486224",
"trust": 0.8,
"value": "8.03"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#548968",
"trust": 0.8,
"value": "8.03"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#760432",
"trust": 0.8,
"value": "7.09"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-461",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-9863",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800384"
},
{
"db": "CERT/CC",
"id": "VU#969344"
},
{
"db": "CERT/CC",
"id": "VU#918920"
},
{
"db": "CERT/CC",
"id": "VU#277048"
},
{
"db": "CERT/CC",
"id": "VU#486224"
},
{
"db": "CERT/CC",
"id": "VU#548968"
},
{
"db": "CERT/CC",
"id": "VU#760432"
},
{
"db": "VULHUB",
"id": "VHN-9863"
},
{
"db": "NVD",
"id": "CVE-2004-1433"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-461"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, and ONS 15600 1.x(x), allows remote attackers to cause a denial of service (control card reset) via malformed (1) TCP and (2) UDP packets. A vulnerability exists in multiple control cards used by Cisco ONS devices. This vulnerability could allow a remote attacker to cause a denial-of-service condition. Most of the reported issues are related to handling of malformed packets, resulting in a denial of service condition. However, an authentication bypass vulnerability has also been reported to affect some platforms. Attackers can send malformed IP, ICMP, TCP and UDP packets to cause XTC, TCC/TCC+/TCC2 and TCCi/TCC2 control cards to reboot. Repeated issuance of these malformed packets can cause the control card to stop responding to normal services. The CSCee27329 (passwd) vulnerability is that if the account is set with an empty password, then the device can be successfully authenticated by using a password exceeding 10 characters to log in to the device. This vulnerability only affects the TL1 login interface. The CTC login interface is not affected by this vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1433"
},
{
"db": "CERT/CC",
"id": "VU#800384"
},
{
"db": "CERT/CC",
"id": "VU#969344"
},
{
"db": "CERT/CC",
"id": "VU#918920"
},
{
"db": "CERT/CC",
"id": "VU#277048"
},
{
"db": "CERT/CC",
"id": "VU#486224"
},
{
"db": "CERT/CC",
"id": "VU#548968"
},
{
"db": "CERT/CC",
"id": "VU#760432"
},
{
"db": "BID",
"id": "10768"
},
{
"db": "VULHUB",
"id": "VHN-9863"
}
],
"trust": 6.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "12117",
"trust": 7.3
},
{
"db": "SECTRACK",
"id": "1010749",
"trust": 4.8
},
{
"db": "CERT/CC",
"id": "VU#800384",
"trust": 2.5
},
{
"db": "CERT/CC",
"id": "VU#486224",
"trust": 2.5
},
{
"db": "BID",
"id": "10768",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-1433",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#969344",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#918920",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#277048",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#548968",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1010748",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#760432",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200412-461",
"trust": 0.7
},
{
"db": "XF",
"id": "16764",
"trust": 0.6
},
{
"db": "XF",
"id": "16762",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "6737",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20040721 CISCO ONS 15327, ONS 15454, ONS 15454 SDH, AND ONS 15600 MALFORMED PACKET VULNERABILITIES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-9863",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800384"
},
{
"db": "CERT/CC",
"id": "VU#969344"
},
{
"db": "CERT/CC",
"id": "VU#918920"
},
{
"db": "CERT/CC",
"id": "VU#277048"
},
{
"db": "CERT/CC",
"id": "VU#486224"
},
{
"db": "CERT/CC",
"id": "VU#548968"
},
{
"db": "CERT/CC",
"id": "VU#760432"
},
{
"db": "VULHUB",
"id": "VHN-9863"
},
{
"db": "BID",
"id": "10768"
},
{
"db": "NVD",
"id": "CVE-2004-1433"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-461"
}
]
},
"id": "VAR-200412-0195",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9863"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:36:56.685000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1433"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 7.6,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040721-ons.shtml"
},
{
"trust": 5.6,
"url": "http://www.cisco.com/en/us/products/hw/optical/"
},
{
"trust": 5.6,
"url": "http://secunia.com/advisories/12117/"
},
{
"trust": 4.8,
"url": "http://www.securitytracker.com/alerts/2004/jul/1010749.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/10768"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/486224"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/800384"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/12117"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16762"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16764"
},
{
"trust": 0.8,
"url": "http://www.tl1.com/library/tl1/tl1_protocol/"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/en/us/products/hw/optical/ps2006/products_installation_and_configuration_guide_chapter09186a00800917bc.html"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2004/jul/1010748.html"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/16764"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/16762"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/6737"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800384"
},
{
"db": "CERT/CC",
"id": "VU#969344"
},
{
"db": "CERT/CC",
"id": "VU#918920"
},
{
"db": "CERT/CC",
"id": "VU#277048"
},
{
"db": "CERT/CC",
"id": "VU#486224"
},
{
"db": "CERT/CC",
"id": "VU#548968"
},
{
"db": "CERT/CC",
"id": "VU#760432"
},
{
"db": "VULHUB",
"id": "VHN-9863"
},
{
"db": "BID",
"id": "10768"
},
{
"db": "NVD",
"id": "CVE-2004-1433"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-461"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#800384"
},
{
"db": "CERT/CC",
"id": "VU#969344"
},
{
"db": "CERT/CC",
"id": "VU#918920"
},
{
"db": "CERT/CC",
"id": "VU#277048"
},
{
"db": "CERT/CC",
"id": "VU#486224"
},
{
"db": "CERT/CC",
"id": "VU#548968"
},
{
"db": "CERT/CC",
"id": "VU#760432"
},
{
"db": "VULHUB",
"id": "VHN-9863"
},
{
"db": "BID",
"id": "10768"
},
{
"db": "NVD",
"id": "CVE-2004-1433"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-461"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#800384"
},
{
"date": "2004-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#969344"
},
{
"date": "2004-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#918920"
},
{
"date": "2004-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#277048"
},
{
"date": "2004-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#486224"
},
{
"date": "2004-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#548968"
},
{
"date": "2004-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#760432"
},
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-9863"
},
{
"date": "2004-07-21T00:00:00",
"db": "BID",
"id": "10768"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-1433"
},
{
"date": "2004-07-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-461"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#800384"
},
{
"date": "2004-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#969344"
},
{
"date": "2004-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#918920"
},
{
"date": "2004-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#277048"
},
{
"date": "2004-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#486224"
},
{
"date": "2004-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#548968"
},
{
"date": "2004-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#760432"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-9863"
},
{
"date": "2004-07-21T00:00:00",
"db": "BID",
"id": "10768"
},
{
"date": "2018-10-30T16:26:17.480000",
"db": "NVD",
"id": "CVE-2004-1433"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-461"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-461"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Cisco ONS control cards fail to properly handle malformed TCP packets",
"sources": [
{
"db": "CERT/CC",
"id": "VU#800384"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "10768"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-461"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.