PT-2004-2351 · Cisco · Cisco Ons 15454+2
Publicado
2004-12-31
·
Atualizado
2018-10-30
·
CVE-2004-1436
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Cisco ONS 15327 versions 4.6(0) through 4.6(1)
Cisco ONS 15454 versions 4.6(0) through 4.6(1)
Cisco ONS 15454 SDH versions 4.6(0) through 4.6(1)
Description:
The issue allows remote attackers to gain unauthorized access to the system by exploiting the TL1 login interface when a user account is configured with a blank password. This can be done by logging in with a password larger than 10 characters.
Recommendations:
For Cisco ONS 15327 versions 4.6(0) and 4.6(1), configure user accounts with non-blank passwords to prevent unauthorized access.
For Cisco ONS 15454 versions 4.6(0) and 4.6(1), configure user accounts with non-blank passwords to prevent unauthorized access.
For Cisco ONS 15454 SDH versions 4.6(0) and 4.6(1), configure user accounts with non-blank passwords to prevent unauthorized access.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Cisco Ons 15327
Cisco Ons 15454
Cisco Ons 15454 Sdh