SNMP Vulnerability in Cisco ONS Series Products
CVE-2002-1555

Currently unrated

Key Information:

Vendor: Cisco
Status: Optical Networking Systems Software
Vendor: CVE Published:; 31 March 2003

What is CVE-2002-1555?

A vulnerability exists in Cisco ONS15454 and ONS15327 products which utilize a fixed 'public' SNMP community string that cannot be altered. This design flaw permits remote attackers to gain unauthorized access to sensitive information, as they can exploit this predictable community string to query the device for crucial data. Organizations should ensure that appropriate security measures are in place to mitigate the risk associated with this issue.

References

http://www.iss.net/security_center/static/10507.php

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/6081

vdb-entryx_refsource_BID

http://www.cisco.com/warp/public/707/ons-multiple-vuln-pu...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 31, 2003
Vulnerability Reserved
Mar 4, 2003