Cleartext Credentials in Cisco ONS15454 and ONS15327
CVE-2002-1554

Currently unrated

Key Information:

Vendor: Cisco
Status: Optical Networking Systems Software
Vendor: CVE Published:; 31 March 2003

Summary

The Cisco ONS15454 and ONS15327 devices store sensitive usernames and passwords in cleartext within their image databases. This design flaw may allow an unauthorized user or attacker to access confidential information, thereby gaining potential privileges. It's essential for users and administrators to upgrade to the latest software versions to mitigate risks associated with this vulnerability.

References

http://www.iss.net/security_center/static/10506.php

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/6078

vdb-entryx_refsource_BID

http://www.cisco.com/warp/public/707/ons-multiple-vuln-pu...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Mar 31, 2003
Vulnerability Reserved
Mar 4, 2003