CVE-2002-1554

Published Mar 31, 2003

Last updated 6 years ago

Overview

Description: Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B0A4FA3-45F4-47B7-BA5B-6AEC8DB14C9E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:3.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6509622E-7E8D-4238-92F2-7DB88A3DB4DA"
          },
          {
            "criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80460930-7D3D-4315-8D00-FFDCDBA69477"
          },
          {
            "criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:3.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B80C7D72-D0D1-4328-967C-20EA7590CEC1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:3.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0993B9A9-599B-4662-AEC2-EC771BCE8200"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References