CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-1672

The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which allows remote attackers to execute arbitrary code on a CTC workstation, aka bug ID CSCea25049.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.038

EPSS Ranking 87.5%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2006-1672

Cisco » Optical Networking Systems Software » Version: 1.0

cpe:2.3:a:cisco:optical_networking_systems_software:1.0
Cisco » Optical Networking Systems Software » Version: 1.1

cpe:2.3:a:cisco:optical_networking_systems_software:1.1
Cisco » Optical Networking Systems Software » Version: 1.1(0)

cpe:2.3:a:cisco:optical_networking_systems_software:1.1(0)
Cisco » Optical Networking Systems Software » Version: 1.1(1)

cpe:2.3:a:cisco:optical_networking_systems_software:1.1(1)
Cisco » Optical Networking Systems Software » Version: 1.3(0)

cpe:2.3:a:cisco:optical_networking_systems_software:1.3(0)
Cisco » Optical Networking Systems Software » Version: 3.0

cpe:2.3:a:cisco:optical_networking_systems_software:3.0
Cisco » Optical Networking Systems Software » Version: 3.1.0

cpe:2.3:a:cisco:optical_networking_systems_software:3.1.0
Cisco » Optical Networking Systems Software » Version: 3.2

cpe:2.3:a:cisco:optical_networking_systems_software:3.2
Cisco » Optical Networking Systems Software » Version: 3.3.0

cpe:2.3:a:cisco:optical_networking_systems_software:3.3.0
Cisco » Optical Networking Systems Software » Version: 3.4.0

cpe:2.3:a:cisco:optical_networking_systems_software:3.4.0
Cisco » Optical Networking Systems Software » Version: 4.0(1)

cpe:2.3:a:cisco:optical_networking_systems_software:4.0(1)
Cisco » Optical Networking Systems Software » Version: 4.0(2)

cpe:2.3:a:cisco:optical_networking_systems_software:4.0(2)
Cisco » Optical Networking Systems Software » Version: 4.0.0

cpe:2.3:a:cisco:optical_networking_systems_software:4.0.0
Cisco » Optical Networking Systems Software » Version: 4.1(0)

cpe:2.3:a:cisco:optical_networking_systems_software:4.1(0)
Cisco » Optical Networking Systems Software » Version: 4.1(1)

cpe:2.3:a:cisco:optical_networking_systems_software:4.1(1)
Cisco » Optical Networking Systems Software » Version: 4.1(2)

cpe:2.3:a:cisco:optical_networking_systems_software:4.1(2)
Cisco » Optical Networking Systems Software » Version: 4.1(3)

cpe:2.3:a:cisco:optical_networking_systems_software:4.1(3)
Cisco » Optical Networking Systems Software » Version: 4.1.4

cpe:2.3:a:cisco:optical_networking_systems_software:4.1.4
Cisco » Optical Networking Systems Software » Version: 4.6(0)

cpe:2.3:a:cisco:optical_networking_systems_software:4.6(0)
Cisco » Optical Networking Systems Software » Version: 4.6(1)

cpe:2.3:a:cisco:optical_networking_systems_software:4.6(1)
Cisco » Transport Controller » Version: 4.0.x

cpe:2.3:a:cisco:transport_controller:4.0.x
Cisco » Ons 15310-Cl Series » Version: 0

cpe:2.3:h:cisco:ons_15310-cl_series:0
Cisco » Ons 15600 » Version: 0

cpe:2.3:h:cisco:ons_15600:0
Cisco » Ons 15454 Mspp » Version: N/A

cpe:2.3:o:cisco:ons_15454_mspp:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-1672

Products

Pricing

Contact Us