PT-2009-1210 · Cisco · Cisco ONS 15310-MA +5

Published 2009-01-16 · Updated 2017-08-08 · CVE-2008-3818

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 versions 7.0.2 through 7.0.6
Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 version 7.2.2
Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 versions 8.0.x
Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 version 8.5.1
Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 version 8.5.2

Description

The issue allows remote attackers to cause a denial of service via a crafted TCP session, resulting in a control-card reset.

Recommendations

For versions 7.0.2 through 7.0.6, consider applying configuration changes to restrict access to the control card.
For version 7.2.2, restrict access to the control card to minimize the risk of exploitation.
For versions 8.0.x, avoid using the affected TCP session functionality until the issue is resolved.
For version 8.5.1, consider disabling the control-card reset functionality as a temporary workaround.
For version 8.5.2, restrict access to the control card to prevent denial of service attacks.

At the moment, there is no information about a newer version that contains a fix for this issue.

Fix

RCE

Weakness Enumeration

Related Identifiers

CVE-2008-3818

Affected Products

Cisco ONS 15310-CL
Cisco ONS 15310-MA
Cisco ONS 15327
Cisco ONS 15454
Cisco ONS 15454 SDH
Cisco ONS 15600