Denial of Service Vulnerability in Cisco ONS 15454 Controller Cards
CVE-2014-2141

Currently unrated

Key Information:

Vendor: Cisco
Status: Cisco Ons 15454 System Software; Ons 15454
Vendor: CVE Published:; 10 April 2014

Summary

The Cisco ONS 15454 controller cards with software version 9.6 and earlier feature a flaw in session-termination functionality due to an uninitialized pointer. This vulnerability allows remote authenticated users to exploit crafted session-close actions, leading to a denial of service by triggering a card reset. It highlights the importance of ensuring proper session management in network devices to maintain system reliability and availability.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 10, 2014
Vulnerability Reserved
Feb 25, 2014