Remote Denial of Service Vulnerability in Cisco ONS 15454 Controller Cards
CVE-2014-2140

Currently unrated

Key Information:

Vendor: Cisco
Status: Cisco Ons 15454 System Software; Ons 15454
Vendor: CVE Published:; 12 April 2014

Summary

A vulnerability exists in Cisco ONS 15454 controller cards that allows remote attackers to execute a denial of service attack. By leveraging a TCP FIN attack, attackers can trigger file-descriptor exhaustion, resulting in the failure to open a CAL pipe and forcing a card reset. This can severely disrupt network operations and compromise system availability.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Apr 12, 2014
Vulnerability Reserved
Feb 25, 2014