CVE-2004-1436

3 documents3 sources

Severity

7.5HIGH

EPSS

1.2%

top 21.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Optical Networking Systems Software

Timeline

PublishedDec 31

Latest updateApr 29

Description

The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4.6(0) and 4.6(1) and 15454 and 15454 SDH 4.6(0) and 4.6(1), when a user account is configured with a blank password, allows remote attackers to gain unauthorized access by logging in with a password larger than 10 characters.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDcisco/optical_networking_systems_software23 versions+22

🔴Vulnerability Details

GHSA

GHSA-x773-f7wv-p2hw: The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4↗2022-04-29

▶

CVEList

CVE-2004-1436: The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4↗2005-02-13

▶