CVE-2004-0308 - OpenCVE

Unknown vulnerability in Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS15600 before 1.3(0) allows a superuser whose account is locked out, disabled, or suspended to gain unauthorized access via a Telnet connection to the VxWorks shell.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Optical Networking Systems Software

Configuration 1 [-]

OR	cpe:2.3:a:cisco:optical_networking_systems_software:1.0:::::::*
	cpe:2.3:a:cisco:optical_networking_systems_software:4.0\(1\):::::::*
	cpe:2.3:a:cisco:optical_networking_systems_software:4.0\(2\):::::::*
	cpe:2.3:a:cisco:optical_networking_systems_software:4.0.0:::::::*
	cpe:2.3:a:cisco:optical_networking_systems_software:4.1\(0\):::::::*
	cpe:2.3:a:cisco:optical_networking_systems_software:4.1\(1\):::::::*
	cpe:2.3:a:cisco:optical_networking_systems_software:4.1\(2\):::::::*
	cpe:2.3:a:cisco:optical_networking_systems_software:4.1\(3\):::::::*
	cpe:2.3:a:cisco:optical_networking_systems_software:4.1.0:::::::*
	cpe:2.3:a:cisco:optical_networking_systems_software:4.5:::::::*

No data.

References

Link	Providers
http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml
http://www.osvdb.org/4010
http://www.securityfocus.com/bid/9699
https://exchange.xforce.ibmcloud.com/vulnerabilities/15266

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2004-03-18T05:00:00

Updated: 2024-08-08T00:17:14.298Z

Reserved: 2004-03-17T00:00:00

Link: CVE-2004-0308

Vulnrichment

No data.

NVD

Status : Modified

Published: 2004-11-24T05:00:00.000

Modified: 2018-10-30T16:26:17.390

Link: CVE-2004-0308

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-02-19T00:00:00", "descriptions": [{"lang": "en", "value": "Unknown vulnerability in Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS15600 before 1.3(0) allows a superuser whose account is locked out, disabled, or suspended to gain unauthorized access via a Telnet connection to the VxWorks shell."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20040219 Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml"}, {"name": "cisco-ons-gain-access(15266)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15266"}, {"name": "4010", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/4010"}, {"name": "9699", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/9699"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0308", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unknown vulnerability in Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS15600 before 1.3(0) allows a superuser whose account is locked out, disabled, or suspended to gain unauthorized access via a Telnet connection to the VxWorks shell."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20040219 Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Vulnerabilities", "refsource": "CISCO", "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml"}, {"name": "cisco-ons-gain-access(15266)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15266"}, {"name": "4010", "refsource": "OSVDB", "url": "http://www.osvdb.org/4010"}, {"name": "9699", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9699"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T00:17:14.298Z"}, "title": "CVE Program Container", "references": [{"name": "20040219 Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml"}, {"name": "cisco-ons-gain-access(15266)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15266"}, {"name": "4010", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/4010"}, {"name": "9699", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/9699"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0308", "datePublished": "2004-03-18T05:00:00", "dateReserved": "2004-03-17T00:00:00", "dateUpdated": "2024-08-08T00:17:14.298Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4D1888FF-6126-4F40-A7EA-1ED5123FA729", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "10988AA9-A807-4E70-8197-6F9EFC13AE86", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "C8951276-CDEF-4F54-93DF-B96DB10E6530", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5D886A75-5A73-4B1C-8B2A-45D589267B37", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(0\\):*:*:*:*:*:*:*", "matchCriteriaId": "D5A594C2-98BB-4AC5-9CC5-89FE97D63323", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "9B35325A-98F6-41DF-ADD8-91ED992A3ED3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "F0B06C5B-73C2-47F1-9ED6-B59F9C1C5AF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "D9758019-F6EA-4552-B070-5A9EBE73BB86", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E75DB3F4-94A8-4341-9C01-1F0DC25A3402", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:optical_networking_systems_software:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "BA524BE1-6B13-455A-96EA-17C1A71BD0F2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unknown vulnerability in Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS15600 before 1.3(0) allows a superuser whose account is locked out, disabled, or suspended to gain unauthorized access via a Telnet connection to the VxWorks shell."}, {"lang": "es", "value": "Vulnerabilidad desconocida en Cisco ONS 15327 anteriores a 4.1(3), ONS 15454 anteriores a 4.6(1), ONS 15454 SD anteriores a 4.1(3), y Cisco ONS15600 anteriores a 1.3(0) permiten a un superusuario cuya cuenta est\u00e1 bloquada, deshabilitada o suspendida ganar acceso no autorizado mediante una conexi\u00f3n Telnet al interfaz VxWorks."}], "id": "CVE-2004-0308", "lastModified": "2018-10-30T16:26:17.390", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-11-24T05:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040219-ONS.shtml"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/4010"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/9699"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15266"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}