CVE-2004-1435

4 documents4 sources

Severity

5.0MEDIUM

EPSS

1.2%

top 21.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Optical Networking Systems Software

Timeline

PublishedDec 31

Latest updateApr 29

Description

Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via a large number of TCP connections with an invalid response instead of the final ACK (TCP-ACK).

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/optical_networking_systems_software23 versions+22

🔴Vulnerability Details

GHSA

GHSA-f939-x9p2-wqrp: Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4↗2022-04-29

▶

CVEList

CVE-2004-1435: Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4↗2005-02-13

▶

📋Vendor Advisories

Cisco

Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Malformed Packet Vulnerabilities↗2004-07-21

▶