Vulnerability Details CVE-2002-1558
Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote attackers to gain privileges by connecting to the account via Telnet.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.8%
CVSS Severity
CVSS v2 Score 10.0
References
- http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtml
- http://www.iss.net/security_center/static/10510.php
- http://www.securityfocus.com/bid/6083
- http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtml
- http://www.iss.net/security_center/static/10510.php
- http://www.securityfocus.com/bid/6083
Products affected by CVE-2002-1558
-
cpe:2.3:a:cisco:optical_networking_systems_software:3.0
-
cpe:2.3:a:cisco:optical_networking_systems_software:3.1.0
-
cpe:2.3:a:cisco:optical_networking_systems_software:3.2
-
cpe:2.3:a:cisco:optical_networking_systems_software:3.2.0
-
cpe:2.3:a:cisco:optical_networking_systems_software:3.3.0