Cisco: >> Optical Networking Systems Software >> 3.2 Security Vulnerabilities
Cisco ONS15454 and ONS15327 running ONS before 3.4 uses a "public" SNMP community string that cannot be changed, which allows remote attackers to obtain sensitive information.
CVSS Score
5.0
EPSS Score
0.007
Published
2003-03-31
Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset) via an HTTP request to the TCC, TCC+ or XTC, in which the request contains an invalid CORBA Interoperable Object Reference (IOR).
CVSS Score
5.0
EPSS Score
0.005
Published
2003-03-31
Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character.
CVSS Score
5.0
EPSS Score
0.005
Published
2003-03-31
Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote attackers to gain privileges by connecting to the account via Telnet.
CVSS Score
10.0
EPSS Score
0.009
Published
2003-03-31
Page 2