CVSS: 7.2EPSS: 0%CPEs: 211EXPL: 0CVE-2019-1649 – Cisco Secure Boot Hardware Tampering Vulnerability
https://notcve.org/view.php?id=CVE-2019-1649
13 May 2019 — A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot har... • http://www.securityfocus.com/bid/108350 • CWE-284: Improper Access Control CWE-667: Improper Locking •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2016-9211
https://notcve.org/view.php?id=CVE-2016-9211
14 Dec 2016 — A vulnerability in TCP port management in Cisco ONS 15454 Series Multiservice Provisioning Platforms could allow an unauthenticated, remote attacker to cause the controller card to unexpectedly reload. More Information: CSCuw26032. Known Affected Releases: 10.51. Una vulnerabilidad en la administración del puerto TCP en Cisco ONS 15454 Series Multiservice Provisioning Platforms podría permitir a un atacante remoto no autenticado provocar un reinicio inesperado de la tarjeta de control. Más Información: CSCu... • http://www.securityfocus.com/bid/94795 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0765
https://notcve.org/view.php?id=CVE-2015-0765
04 Jun 2015 — Cisco ONS 15454 System Software 10.30 and 10.301 allows remote attackers to cause a denial of service (tNetTask CPU consumption or card reset) via a flood of (1) IP or (2) Ethernet traffic, aka Bug ID CSCus57263. Cisco ONS 15454 System Software 10.30 y 10.301 permite a atacantes remotos causar una denegación de servicio (consumo de CPU tNetTask o reconfiguración de tarjeta) a través de una inundación de trafico de (1) IPs o (2) Ethernet, También conocido como Bug ID CSCus57263. • http://tools.cisco.com/security/center/viewAlert.x?alertId=39172 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2014-2139
https://notcve.org/view.php?id=CVE-2014-2139
12 Apr 2014 — Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (flash write outage) via a TCP FIN attack that triggers file-descriptor exhaustion, aka Bug ID CSCug97315. Las tarjetas de controlador de Cisco ONS 15454 con software 9.6 y anteriores permiten a atacantes remotos causar una denegación de servicio (interrupción de escritura flash) a través de un ataque TCP FIN que provoca agotamiento de descriptor de archivo, también conocido como Bug ID CSCug97... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2139 •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2014-2140
https://notcve.org/view.php?id=CVE-2014-2140
12 Apr 2014 — Cisco ONS 15454 controller cards with software 9.6 and earlier allow remote attackers to cause a denial of service (card reset) via a TCP FIN attack that triggers file-descriptor exhaustion and a failure to open a CAL pipe, aka Bug ID CSCug97348. Las tarjetas de controlador de Cisco ONS 15454 con software 9.6 y anteriores permiten a atacantes remotos causar una denegación de servicio (reinicio de tarjeta) a través de un ataque TCP FIN que provoca agotamiento de descriptores de archivo y un fallo de apertura... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2140 •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2014-2142
https://notcve.org/view.php?id=CVE-2014-2142
12 Apr 2014 — Cisco ONS 15454 controller cards with software 10.0 and earlier allow remote attackers to cause a denial of service (card reload) via a crafted HTTP URI, aka Bug ID CSCun06870. Las tarjetas de controlador de Cisco ONS 15454 con software 10.0 y anteriores permiten a atacantes remotos causar una denegación de servicio (reinicio de tarjeta) a través de una URI HTTP manipulada, también conocido como Bug ID CSCun06870. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2142 •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2014-2141
https://notcve.org/view.php?id=CVE-2014-2141
10 Apr 2014 — The session-termination functionality on Cisco ONS 15454 controller cards with software 9.6 and earlier does not initialize an unspecified pointer, which allows remote authenticated users to cause a denial of service (card reset) via crafted session-close actions, aka Bug ID CSCug97416. La funcionalidad de terminación de sesión en las tarjetas de controlador de Cisco ONS 15454 con software 9.6 y anteriores no inicializa un puntero no especificado, lo que permite a usuarios remotos autenticados causar una de... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2141 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2013-6701
https://notcve.org/view.php?id=CVE-2013-6701
18 Dec 2013 — The tNetTaskLimit process on the Transport Node Controller (TNC) on Cisco ONS 15454 devices with software 9.6 and earlier does not properly prioritize health pings, which allows remote attackers to cause a denial of service (watchdog timeout and TNC reset) via a flood of network traffic, aka Bug ID CSCud97155. El proceso tNetTaskLimit en Transport Node Controller (TNC) en dispositivos Cisco ONS 15454 con software 9.6 y anteriores no prioriza correctamente pings sanitarios, lo cual permite a atacantes remoto... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6701 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2013-6702
https://notcve.org/view.php?id=CVE-2013-6702
04 Dec 2013 — The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902. La implementación de gestión en tarjetas controladoras Cisco ONS 15454 con softare 9.8 y anteriores permite a atacantes remotos causar denegación de servicio (reinicio de la tarjeta) a través de paquetes manipulados, también conocido como Bug ID CSCtz50902. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6702 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6703
https://notcve.org/view.php?id=CVE-2013-6703
03 Dec 2013 — The TLS/SSLv3 module on Cisco ONS 15454 controller cards allows remote attackers to cause a denial of service (card reset) via crafted (1) TLS or (2) SSLv3 packets, aka Bug ID CSCuh34787. El módulo TLS/SSLv3 en tarjetas controladoras de Cisco ONS 15454 permite a atacantes remotos causar denegación de servicio (reinicio de la tarjeta) a través de paquetes (1) TLS o (2) SSLv3, también conocido como Bug ID CSCuh34787. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6703 • CWE-20: Improper Input Validation •