CVSS: 7.8EPSS: 2%CPEs: 24EXPL: 2CVE-2006-1670
https://notcve.org/view.php?id=CVE-2006-1670
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910. • http://secunia.com/advisories/19553 http://securitytracker.com/id?1015872 http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml http://www.osvdb.org/24434 http://www.securityfocus.com/bid/17384 http://www.vupen.com/english/advisories/2006/1256 https://exchange.xforce.ibmcloud.com/vulnerabilities/25643 •
CVSS: 7.5EPSS: 13%CPEs: 24EXPL: 0CVE-2006-1672
https://notcve.org/view.php?id=CVE-2006-1672
The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which allows remote attackers to execute arbitrary code on a CTC workstation, aka bug ID CSCea25049. • http://secunia.com/advisories/19553 http://securitytracker.com/id?1015871 http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml http://www.osvdb.org/24438 http://www.securityfocus.com/bid/17384 http://www.vupen.com/english/advisories/2006/1256 https://exchange.xforce.ibmcloud.com/vulnerabilities/25647 •
CVSS: 5.0EPSS: 6%CPEs: 24EXPL: 0CVE-2006-1671
https://notcve.org/view.php?id=CVE-2006-1671
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (card reset) via (1) a "crafted" IP packet to a device with secure mode EMS-to-network-element access, aka bug ID CSCsc51390; (2) a "crafted" IP packet to a device with IP on the LAN interface, aka bug ID CSCsd04168; and (3) a "malformed" OSPF packet, aka bug ID CSCsc54558. • http://secunia.com/advisories/19553 http://securitytracker.com/id?1015872 http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml http://www.osvdb.org/24435 http://www.osvdb.org/24436 http://www.osvdb.org/24437 http://www.securityfocus.com/bid/17384 http://www.vupen.com/english/advisories/2006/1256 https://exchange.xforce.ibmcloud.com/vulnerabilities/25644 https://exchange.xforce.ibmcloud.com/vulnerabilities/25645 https://exchange.xforce.ibmcloud.com/vulnerabilities/2564 •
CVSS: 5.0EPSS: 1%CPEs: 23EXPL: 0CVE-2004-1435
https://notcve.org/view.php?id=CVE-2004-1435
Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via a large number of TCP connections with an invalid response instead of the final ACK (TCP-ACK). • http://secunia.com/advisories/12117 http://www.cisco.com/warp/public/707/cisco-sa-20040721-ons.shtml http://www.kb.cert.org/vuls/id/277048 http://www.securityfocus.com/bid/10768 https://exchange.xforce.ibmcloud.com/vulnerabilities/16763 •
CVSS: 7.5EPSS: 1%CPEs: 23EXPL: 0CVE-2004-1436
https://notcve.org/view.php?id=CVE-2004-1436
The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4.6(0) and 4.6(1) and 15454 and 15454 SDH 4.6(0) and 4.6(1), when a user account is configured with a blank password, allows remote attackers to gain unauthorized access by logging in with a password larger than 10 characters. • http://secunia.com/advisories/12117 http://www.cisco.com/warp/public/707/cisco-sa-20040721-ons.shtml http://www.kb.cert.org/vuls/id/760432 http://www.securityfocus.com/bid/10768 https://exchange.xforce.ibmcloud.com/vulnerabilities/16766 •