CyberSec.Space Logo
Back to CVE Browser

CVE-2002-1558

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0670%
EPSS Percentile7.72th
PublishedMar 31, 2003
Last ModifiedApr 16, 2026

Vulnerability Description

Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote attackers to gain privileges by connecting to the account via Telnet.

Affected Platforms (CPE)

πŸ“¦
Cisco

Optical Networking Systems Software

= 3.0
πŸ“¦
Cisco

Optical Networking Systems Software

= 3.1.0
πŸ“¦
Cisco

Optical Networking Systems Software

= 3.2
πŸ“¦
Cisco

Optical Networking Systems Software

= 3.2.0
πŸ“¦
Cisco

Optical Networking Systems Software

= 3.3.0

References & Advisories

πŸ”— http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtml
πŸ”— http://www.iss.net/security_center/static/10510.php
πŸ”— http://www.securityfocus.com/bid/6083
πŸ”— http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtml
πŸ”— http://www.iss.net/security_center/static/10510.php
πŸ”— http://www.securityfocus.com/bid/6083

Related Vulnerabilities

CVE-2002-000710.0

CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote attackers to obtain an anonymous bind to the LDAP server via a re...

CVE-2002-019810.0

Buffer overflow in plDaniels ripMime 1.2.6 and earlier, as used in other programs such as xamime and inflex, allows remote attacke...

CVE-2002-000510.0

Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and other versions allows remote attackers to execute arbitrary...

CVE-2002-164110.0

Multiple buffer overflows in Oracle Web Cache for Oracle 9i Application Server (9iAS) allow remote attackers to execute arbitrary ...