BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

Cisco ONS 15454 Denial of Service

Disclosed December 3, 2013    Zeroday : 287 days

Vulnerability Description:

The affected Cisco controller cards permit an unauthenticated attacker to send a malicious payload, which causes the control card to reset, causing a temporary denial of service. This can be repeated indefinitely by the attacker, causing a continued denial of service.

Vendors:

Cisco

Vulnerable Software/Devices:

Cisco ONS 15454 Controller Cards

Vulnerability Severity:

Medium

Exploit Availability:

No Exploit Available

Exploit Impact:

Denial of Service
Exploitation of this vulnerability will cause the device to reset, causing a denial of service condition. Attackers can continue sending malicious payloads to continue the denial of service condition indefinitely.

BeyondTrust Prevention and Detection:

BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.

  • 31758 - Cisco ONS 15454 Denial of Service (20131205) (Zero-Day)

Mitigation:

If possible, keep the affected device behind a firewall and VPN to protect against external attacks.

Links:

CVE(s):