VAR-200412-0197
Vulnerability from variot - Updated: 2023-12-18 11:32Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via a large number of TCP connections with an invalid response instead of the final ACK (TCP-ACK). A vulnerability exists in multiple control cards used by Cisco ONS devices. This vulnerability could allow a remote attacker to cause a denial-of-service condition. Most of the reported issues are related to handling of malformed packets, resulting in a denial of service condition. However, an authentication bypass vulnerability has also been reported to affect some platforms. Attackers can send malformed IP, ICMP, TCP and UDP packets to cause XTC, TCC/TCC+/TCC2 and TCCi/TCC2 control cards to reboot. Repeated issuance of these malformed packets can cause the control card to stop responding to normal services. The CSCee27329 (passwd) vulnerability is that if the account is set with an empty password, then the device can be successfully authenticated by using a password exceeding 10 characters to log in to the device. This vulnerability only affects the TL1 login interface. The CTC login interface is not affected by this vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0197",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 5.6,
"vendor": "cisco",
"version": null
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(2\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0\\(2\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3\\(5\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(3\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3.0"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.6\\(1\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.6\\(0\\)"
},
{
"model": "optical networking systems software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4.0"
},
{
"model": "ons 15454 optical transport platform",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "ons 15454 optical transport platform",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.1\\(3\\)"
},
{
"model": "ons 15454 optical transport platform",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.1\\(1\\)"
},
{
"model": "ons 15454 optical transport platform",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.1\\(0\\)"
},
{
"model": "ons 15454 optical transport platform",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.1\\(2\\)"
},
{
"model": "ons 15454 optical transport platform",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.0\\(2\\)"
},
{
"model": "ons 15454 optical transport platform",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.6\\(0\\)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2.3\\(5\\)"
},
{
"model": "ons 15454 optical transport platform",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.6\\(1\\)"
},
{
"model": "ons 15454 optical transport platform",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.0\\(1\\)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.3(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.1"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "156001.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.6(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.6(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(3)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(2)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.1(0)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0(2)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0(1)"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153274.0"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.4"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.3"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.2"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.1"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "153273.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800384"
},
{
"db": "CERT/CC",
"id": "VU#969344"
},
{
"db": "CERT/CC",
"id": "VU#918920"
},
{
"db": "CERT/CC",
"id": "VU#277048"
},
{
"db": "CERT/CC",
"id": "VU#486224"
},
{
"db": "CERT/CC",
"id": "VU#548968"
},
{
"db": "CERT/CC",
"id": "VU#760432"
},
{
"db": "BID",
"id": "10768"
},
{
"db": "NVD",
"id": "CVE-2004-1435"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-386"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.6\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.6\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.3\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:2.3\\(5\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:optical_networking_systems_software:1.1\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1435"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco PSIRT\u203b psirt@cisco.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-386"
}
],
"trust": 0.6
},
"cve": "CVE-2004-1435",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-9865",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-1435",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#800384",
"trust": 0.8,
"value": "8.03"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#969344",
"trust": 0.8,
"value": "8.03"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#918920",
"trust": 0.8,
"value": "8.03"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#277048",
"trust": 0.8,
"value": "8.03"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#486224",
"trust": 0.8,
"value": "8.03"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#548968",
"trust": 0.8,
"value": "8.03"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#760432",
"trust": 0.8,
"value": "7.09"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-386",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-9865",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800384"
},
{
"db": "CERT/CC",
"id": "VU#969344"
},
{
"db": "CERT/CC",
"id": "VU#918920"
},
{
"db": "CERT/CC",
"id": "VU#277048"
},
{
"db": "CERT/CC",
"id": "VU#486224"
},
{
"db": "CERT/CC",
"id": "VU#548968"
},
{
"db": "CERT/CC",
"id": "VU#760432"
},
{
"db": "VULHUB",
"id": "VHN-9865"
},
{
"db": "NVD",
"id": "CVE-2004-1435"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-386"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via a large number of TCP connections with an invalid response instead of the final ACK (TCP-ACK). A vulnerability exists in multiple control cards used by Cisco ONS devices. This vulnerability could allow a remote attacker to cause a denial-of-service condition. Most of the reported issues are related to handling of malformed packets, resulting in a denial of service condition. However, an authentication bypass vulnerability has also been reported to affect some platforms. Attackers can send malformed IP, ICMP, TCP and UDP packets to cause XTC, TCC/TCC+/TCC2 and TCCi/TCC2 control cards to reboot. Repeated issuance of these malformed packets can cause the control card to stop responding to normal services. The CSCee27329 (passwd) vulnerability is that if the account is set with an empty password, then the device can be successfully authenticated by using a password exceeding 10 characters to log in to the device. This vulnerability only affects the TL1 login interface. The CTC login interface is not affected by this vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1435"
},
{
"db": "CERT/CC",
"id": "VU#800384"
},
{
"db": "CERT/CC",
"id": "VU#969344"
},
{
"db": "CERT/CC",
"id": "VU#918920"
},
{
"db": "CERT/CC",
"id": "VU#277048"
},
{
"db": "CERT/CC",
"id": "VU#486224"
},
{
"db": "CERT/CC",
"id": "VU#548968"
},
{
"db": "CERT/CC",
"id": "VU#760432"
},
{
"db": "BID",
"id": "10768"
},
{
"db": "VULHUB",
"id": "VHN-9865"
}
],
"trust": 6.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "12117",
"trust": 7.3
},
{
"db": "SECTRACK",
"id": "1010749",
"trust": 4.8
},
{
"db": "CERT/CC",
"id": "VU#277048",
"trust": 2.5
},
{
"db": "BID",
"id": "10768",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-1435",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#800384",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#969344",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#918920",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#486224",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#548968",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1010748",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#760432",
"trust": 0.8
},
{
"db": "XF",
"id": "16763",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "6737",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20040721 CISCO ONS 15327, ONS 15454, ONS 15454 SDH, AND ONS 15600 MALFORMED PACKET VULNERABILITIES",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200412-386",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-9865",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800384"
},
{
"db": "CERT/CC",
"id": "VU#969344"
},
{
"db": "CERT/CC",
"id": "VU#918920"
},
{
"db": "CERT/CC",
"id": "VU#277048"
},
{
"db": "CERT/CC",
"id": "VU#486224"
},
{
"db": "CERT/CC",
"id": "VU#548968"
},
{
"db": "CERT/CC",
"id": "VU#760432"
},
{
"db": "VULHUB",
"id": "VHN-9865"
},
{
"db": "BID",
"id": "10768"
},
{
"db": "NVD",
"id": "CVE-2004-1435"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-386"
}
]
},
"id": "VAR-200412-0197",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9865"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:32:19.083000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1435"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 7.6,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040721-ons.shtml"
},
{
"trust": 5.6,
"url": "http://www.cisco.com/en/us/products/hw/optical/"
},
{
"trust": 5.6,
"url": "http://secunia.com/advisories/12117/"
},
{
"trust": 4.8,
"url": "http://www.securitytracker.com/alerts/2004/jul/1010749.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/10768"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/277048"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/12117"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16763"
},
{
"trust": 0.8,
"url": "http://www.tl1.com/library/tl1/tl1_protocol/"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/en/us/products/hw/optical/ps2006/products_installation_and_configuration_guide_chapter09186a00800917bc.html"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2004/jul/1010748.html"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/16763"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/6737"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800384"
},
{
"db": "CERT/CC",
"id": "VU#969344"
},
{
"db": "CERT/CC",
"id": "VU#918920"
},
{
"db": "CERT/CC",
"id": "VU#277048"
},
{
"db": "CERT/CC",
"id": "VU#486224"
},
{
"db": "CERT/CC",
"id": "VU#548968"
},
{
"db": "CERT/CC",
"id": "VU#760432"
},
{
"db": "VULHUB",
"id": "VHN-9865"
},
{
"db": "BID",
"id": "10768"
},
{
"db": "NVD",
"id": "CVE-2004-1435"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-386"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#800384"
},
{
"db": "CERT/CC",
"id": "VU#969344"
},
{
"db": "CERT/CC",
"id": "VU#918920"
},
{
"db": "CERT/CC",
"id": "VU#277048"
},
{
"db": "CERT/CC",
"id": "VU#486224"
},
{
"db": "CERT/CC",
"id": "VU#548968"
},
{
"db": "CERT/CC",
"id": "VU#760432"
},
{
"db": "VULHUB",
"id": "VHN-9865"
},
{
"db": "BID",
"id": "10768"
},
{
"db": "NVD",
"id": "CVE-2004-1435"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-386"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#800384"
},
{
"date": "2004-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#969344"
},
{
"date": "2004-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#918920"
},
{
"date": "2004-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#277048"
},
{
"date": "2004-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#486224"
},
{
"date": "2004-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#548968"
},
{
"date": "2004-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#760432"
},
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-9865"
},
{
"date": "2004-07-21T00:00:00",
"db": "BID",
"id": "10768"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-1435"
},
{
"date": "2004-07-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-386"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#800384"
},
{
"date": "2004-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#969344"
},
{
"date": "2004-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#918920"
},
{
"date": "2004-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#277048"
},
{
"date": "2004-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#486224"
},
{
"date": "2004-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#548968"
},
{
"date": "2004-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#760432"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-9865"
},
{
"date": "2004-07-21T00:00:00",
"db": "BID",
"id": "10768"
},
{
"date": "2018-10-30T16:26:17.480000",
"db": "NVD",
"id": "CVE-2004-1435"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-386"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-386"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Cisco ONS control cards fail to properly handle malformed TCP packets",
"sources": [
{
"db": "CERT/CC",
"id": "VU#800384"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "10768"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-386"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…