Summaryinfo

A vulnerability classified as problematic has been found in Cisco ONS 15454 10.30/10.301. The affected element is an unknown function of the component tNetTask. This manipulation causes resource management. This vulnerability is tracked as CVE-2015-0765. No exploit exists.

Detailsinfo

A vulnerability was found in Cisco ONS 15454 10.30/10.301. It has been declared as problematic. Affected by this vulnerability is some unknown processing of the component tNetTask. The manipulation with an unknown input leads to a resource management vulnerability. The CWE definition for the vulnerability is CWE-399. As an impact it is known to affect availability. The summary by CVE is:

Cisco ONS 15454 System Software 10.30 and 10.301 allows remote attackers to cause a denial of service (tNetTask CPU consumption or card reset) via a flood of (1) IP or (2) Ethernet traffic, aka Bug ID CSCus57263.

The weakness was disclosed 06/03/2015 as 39172 as confirmed vulnerability alert (Website). The advisory is shared at tools.cisco.com. This vulnerability is known as CVE-2015-0765 since 01/07/2015. The exploitation appears to be easy. The attack can be launched remotely. The exploitation doesn't need any form of authentication. Neither technical details nor an exploit are publicly available.

The vulnerability is also documented in the vulnerability database at X-Force (103592). Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Productinfo

Vendor

• Cisco

Name

• ONS 15454

Version

• 10.30
• 10.301

License

• commercial

Website

• Vendor: https://www.cisco.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion