Denial of Service Vulnerability in Cisco ONS Products
CVE-2002-1556

Currently unrated

Key Information:

Vendor: Cisco
Status: Optical Networking Systems Software
Vendor: CVE Published:; 31 March 2003

What is CVE-2002-1556?

Cisco ONS15454 and ONS15327 systems with software versions prior to 3.4 are susceptible to a denial of service attack. Attackers can exploit this vulnerability by sending an HTTP request containing an invalid CORBA Interoperable Object Reference (IOR) to the TCC or TCC+ components, resulting in a system reset. This type of attack can disrupt service and is a significant concern for network stability.

References

http://www.securityfocus.com/bid/6084

vdb-entryx_refsource_BID

http://www.iss.net/security_center/static/10508.php

vdb-entryx_refsource_XF

http://www.cisco.com/warp/public/707/ons-multiple-vuln-pu...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 31, 2003
Vulnerability Reserved
Mar 4, 2003