The affected Cisco controller cards permit an unauthenticated attacker to send a malicious payload, which causes the control card to reset, causing a temporary denial of service. This can be repeated indefinitely by the attacker, causing a continued denial of service.
Cisco ONS 15454 Controller Cards
No Exploit Available
Denial of Service
Exploitation of this vulnerability will cause the device to reset, causing a denial of service condition. Attackers can continue sending malicious payloads to continue the denial of service condition indefinitely.
BeyondTrust Prevention and Detection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
- 31758 - Cisco ONS 15454 Denial of Service (20131205) (Zero-Day)
If possible, keep the affected device behind a firewall and VPN to protect against external attacks.
- Vendor Alert: CVE-2013-6702
- Vendor Alert: CVE-2013-6703
- Vendor Security Notice: CVE-2013-6702
- Vendor Security Notice: CVE-2013-6703