Vulnerability Description
Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote attackers to modify the system configuration and delete files by establishing an FTP connection to the TCC, TCC+ or XTC using a username and password that does not exist.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Optical Networking Systems Software | 3.0 |
References
- http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtmlPatchVendor Advisory
- http://www.iss.net/security_center/static/10505.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/6076PatchVendor Advisory
- http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtmlPatchVendor Advisory
- http://www.iss.net/security_center/static/10505.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/6076PatchVendor Advisory
FAQ
What is CVE-2002-1553?
CVE-2002-1553 is a vulnerability with a CVSS score of 7.5 (HIGH). Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote attackers to modify the system configuration and delete files by establishing an FTP connection to the TCC, TCC+ or XTC using a usernam...
How severe is CVE-2002-1553?
CVE-2002-1553 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1553?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Optical Networking Systems Software.