Vulnerabilities > Cisco > Optical Networking Systems Software > 3.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-03-31 | CVE-2002-1555 | Unspecified vulnerability in Cisco Optical Networking Systems Software Cisco ONS15454 and ONS15327 running ONS before 3.4 uses a "public" SNMP community string that cannot be changed, which allows remote attackers to obtain sensitive information. | 5.0 |
| 2003-03-31 | CVE-2002-1554 | Unspecified vulnerability in Cisco Optical Networking Systems Software Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup. | 4.6 |
| 2003-03-31 | CVE-2002-1553 | Unspecified vulnerability in Cisco Optical Networking Systems Software Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote attackers to modify the system configuration and delete files by establishing an FTP connection to the TCC, TCC+ or XTC using a username and password that does not exist. | 7.5 |
| 2002-10-04 | CVE-2002-0952 | Denial Of Service vulnerability in Cisco Optical Networking Systems Software 3.1.0/3.2.0 Cisco ONS15454 optical transport platform running ONS 3.1.0 to 3.2.0 allows remote attackers to cause a denial of service (reset) by sending IP packets with non-zero Type of Service (TOS) bits to the Timing Control Card (TCC) LAN interface. | 5.0 |