Cisco ONS15454 and ONS15327 running ONS prior to 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow malicious users to gain privileges by obtaining the passwords from the image database or a backup.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco optical networking systems software 3.3.0 |
||
cisco optical networking systems software 3.2.0 |
||
cisco optical networking systems software 3.1.0 |
||
cisco optical networking systems software 3.0 |
||
cisco optical networking systems software 3.2 |