Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1558

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2002-1558
Last Modified 05 Sep 2008 04:30:54
Published 31 Mar 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1558

Summary

Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote attackers to gain privileges by connecting to the account via Telnet.

Vulnerable Systems

Operating System

  • Cisco Ons 15327 3.0

  • Cisco Ons 15327 3.1

  • Cisco Ons 15327 3.2

  • Cisco Ons 15327 3.3

  • Cisco Ons 15454 Optical Transport Platform 3.0

  • Cisco Ons 15454 Optical Transport Platform 3.1.0

  • Cisco Ons 15454 Optical Transport Platform 3.2.0

  • Cisco Ons 15454 Optical Transport Platform 3.3


References

BID - 6083

XF - cisco-ons-default-vsworks-account(10510)

CISCO - 20021031 Cisco ONS15454 and Cisco ONS15327 Vulnerabilities


Last Updated: 27 May 2016 10:37:23