Vulnerability Details CVE-2002-1557
Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtml
- http://www.iss.net/security_center/static/10509.php
- http://www.securityfocus.com/bid/6082
- http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtml
- http://www.iss.net/security_center/static/10509.php
- http://www.securityfocus.com/bid/6082
Products affected by CVE-2002-1557
-
cpe:2.3:a:cisco:optical_networking_systems_software:3.0
-
cpe:2.3:a:cisco:optical_networking_systems_software:3.1.0
-
cpe:2.3:a:cisco:optical_networking_systems_software:3.2
-
cpe:2.3:a:cisco:optical_networking_systems_software:3.2.0
-
cpe:2.3:a:cisco:optical_networking_systems_software:3.3.0