ID

VAR-200402-0092


CVE

CAN-2004-0306


TITLE

CNVD-2004-0508

Trust: 1.0

sources: IVD: 7d7f9cf0-463f-11e9-b009-000c29342cb1 // IVD: 3c03ec34-2038-11e6-abef-000c29c66e3d // CNVD: CNVD-2004-0508

DESCRIPTION

Cisco ONS is a fiber-optic network platform developed by Cisco. Cisco ONS has multiple vulnerabilities that can result in unauthorized access to the device, denial of service, or a locked account that can continue to authenticate. The Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 can be managed through the XTC, TCC+/TCC2, TCCi/TCC2, and TSC control cards, which are typically isolated from the Internet and connected only to the local network environment. The following vulnerabilities exist:

- CSCec17308/CSCec19124 (TFTP): The TFTP service uses UDP port 69 by default and allows GET and PUT commands without any authentication. A client can connect to the fiber-optic device and upload and download any user data.
- CSCec17406 (port 1080): Cisco ONS 15327, ONS 15454 and ONS 15454 SDH hardware is vulnerable to an ACK denial-of-service attack on TCP port 1080, which network management uses to communicate with the control cards. An ACK denial-of-service attack can cause a control card on the fiber-optic device to reset.
- CSCec66884/CSCec71157 (SU access): By default, only superusers are allowed Telnet access to the VxWorks operating system. Because of this vulnerability, if the superuser account is disabled, locked and suspended, it is still possible to log in to the VxWorks shell using the setup password.

Trust: 1.8

sources: CNVD: CNVD-2004-0508 // CNVD: CNVD-2004-0507 // IVD: 7d7f9cf0-463f-11e9-b009-000c29342cb1 // IVD: 3da8f836-2038-11e6-abef-000c29c66e3d // IVD: 3c03ec34-2038-11e6-abef-000c29c66e3d // IVD: 7d7f9cf2-463f-11e9-adeb-000c29342cb1

IOT TAXONOMY

category: ['IoT', 'ICS'] sub_category: -

Trust: 1.2

category: ['ICS'] sub_category: -

Trust: 0.8

sources: IVD: 7d7f9cf0-463f-11e9-b009-000c29342cb1 // IVD: 3da8f836-2038-11e6-abef-000c29c66e3d // IVD: 3c03ec34-2038-11e6-abef-000c29c66e3d // IVD: 7d7f9cf2-463f-11e9-adeb-000c29342cb1 // CNVD: CNVD-2004-0508 // CNVD: CNVD-2004-0507

AFFECTED PRODUCTS

vendor: no model: - scope: - version: -

Trust: 1.2

sources: CNVD: CNVD-2004-0508 // CNVD: CNVD-2004-0507

CVSS

SEVERITY

CVSSV2

CVSSV3

IVD: 7d7f9cf0-463f-11e9-b009-000c29342cb1
value: HIGH

Trust: 0.2

IVD: 3da8f836-2038-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: 3c03ec34-2038-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: 7d7f9cf2-463f-11e9-adeb-000c29342cb1
value: HIGH

Trust: 0.2

IVD: 7d7f9cf0-463f-11e9-b009-000c29342cb1
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 3da8f836-2038-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 3c03ec34-2038-11e6-abef-000c29c66e3d
severity: NONE
baseScore: NONE
vectorString: NONE
accessVector: NONE
accessComplexity: NONE
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: UNKNOWN

Trust: 0.2

IVD: 7d7f9cf2-463f-11e9-adeb-000c29342cb1
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: 7d7f9cf0-463f-11e9-b009-000c29342cb1 // IVD: 3da8f836-2038-11e6-abef-000c29c66e3d // IVD: 3c03ec34-2038-11e6-abef-000c29c66e3d // IVD: 7d7f9cf2-463f-11e9-adeb-000c29342cb1

TYPE

Buffer overflow

Trust: 0.4

sources: IVD: 7d7f9cf0-463f-11e9-b009-000c29342cb1 // IVD: 7d7f9cf2-463f-11e9-adeb-000c29342cb1

EXTERNAL IDS

db: XF id: 15264

Trust: 1.2

db: NVD id: CAN-2004-0306

Trust: 1.2

db: CNCVE id: CNCVE-20040306

Trust: 1.2

db: BID id: 9699

Trust: 1.2

db: CNVD id: CNVD-2004-0508

Trust: 1.0

db: CNVD id: CNVD-2004-0507

Trust: 1.0

db: IVD id: 7D7F9CF0-463F-11E9-B009-000C29342CB1

Trust: 0.2

db: IVD id: 3DA8F836-2038-11E6-ABEF-000C29C66E3D

Trust: 0.2

db: IVD id: 3C03EC34-2038-11E6-ABEF-000C29C66E3D

Trust: 0.2

db: IVD id: 7D7F9CF2-463F-11E9-ADEB-000C29342CB1

Trust: 0.2

sources: IVD: 7d7f9cf0-463f-11e9-b009-000c29342cb1 // IVD: 3da8f836-2038-11e6-abef-000c29c66e3d // IVD: 3c03ec34-2038-11e6-abef-000c29c66e3d // IVD: 7d7f9cf2-463f-11e9-adeb-000c29342cb1 // CNVD: CNVD-2004-0508 // CNVD: CNVD-2004-0507

REFERENCES

url: http://www.securityfocus.com/bid/9699

Trust: 2.4

url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0306

Trust: 1.2

url: http://xforce.iss.net/xforce/xfdb/15264

Trust: 1.2

sources: CNVD: CNVD-2004-0508 // CNVD: CNVD-2004-0507

SOURCES

db: IVD id: 7d7f9cf0-463f-11e9-b009-000c29342cb1
db: IVD id: 3da8f836-2038-11e6-abef-000c29c66e3d
db: IVD id: 3c03ec34-2038-11e6-abef-000c29c66e3d
db: IVD id: 7d7f9cf2-463f-11e9-adeb-000c29342cb1
db: CNVD id: CNVD-2004-0508
db: CNVD id: CNVD-2004-0507

LAST UPDATE DATE

2022-05-04T09:01:24.989000+00:00


SOURCES UPDATE DATE

db: CNVD id: CNVD-2004-0508 date: 2004-02-19T00:00:00
db: CNVD id: CNVD-2004-0507 date: 2004-02-19T00:00:00

SOURCES RELEASE DATE

db: IVD id: 7d7f9cf0-463f-11e9-b009-000c29342cb1 date: 2004-02-19T00:00:00
db: IVD id: 3da8f836-2038-11e6-abef-000c29c66e3d date: 2004-02-19T00:00:00
db: IVD id: 3c03ec34-2038-11e6-abef-000c29c66e3d date: 2004-02-19T00:00:00
db: IVD id: 7d7f9cf2-463f-11e9-adeb-000c29342cb1 date: 2004-02-19T00:00:00
db: CNVD id: CNVD-2004-0508 date: 2004-02-19T00:00:00
db: CNVD id: CNVD-2004-0507 date: 2004-02-19T00:00:00