Cisco ONS15454 and ONS15327 running ONS prior to 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote malicious users to gain privileges by connecting to the account via Telnet.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco optical networking systems software 3.0 |
||
cisco optical networking systems software 3.1.0 |
||
cisco optical networking systems software 3.2 |
||
cisco optical networking systems software 3.3.0 |
||
cisco optical networking systems software 3.2.0 |