CVE-2004-1436

Published: Dec 31, 2004Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4.6(0) and 4.6(1) and 15454 and 15454 SDH 4.6(0) and 4.6(1), when a user account is configured with a blank password, allows remote attackers to gain unauthorized access by logging in with a password larger than 10 characters.

Affected (23)

Products: Cisco: Optical Networking Systems Software

Cisco

1 product

Optical Networking Systems Software

Configuration A

23 vulnerable

Vulnerable Software	Affected Versions
Cisco Optical Networking Systems Software	Version 1.0
Cisco Optical Networking Systems Software	Version 1.1
Cisco Optical Networking Systems Software	Version 1.1(0)
Cisco Optical Networking Systems Software	Version 1.1(1)
Cisco Optical Networking Systems Software	Version 1.3(0)
Cisco Optical Networking Systems Software	Version 2.3(5)
Cisco Optical Networking Systems Software	Version 3.0
Cisco Optical Networking Systems Software	Version 3.1.0
Cisco Optical Networking Systems Software	Version 3.2.0
Cisco Optical Networking Systems Software	Version 3.2
Cisco Optical Networking Systems Software	Version 3.3.0
Cisco Optical Networking Systems Software	Version 3.4.0
Cisco Optical Networking Systems Software	Version 4.0.0
Cisco Optical Networking Systems Software	Version 4.0(0)
Cisco Optical Networking Systems Software	Version 4.0(1)
Cisco Optical Networking Systems Software	Version 4.0(2)
Cisco Optical Networking Systems Software	Version 4.1(0)
Cisco Optical Networking Systems Software	Version 4.1(1)
Cisco Optical Networking Systems Software	Version 4.1(2)
Cisco Optical Networking Systems Software	Version 4.1(3)
Cisco Optical Networking Systems Software	Version 4.5
Cisco Optical Networking Systems Software	Version 4.6(0)
Cisco Optical Networking Systems Software	Version 4.6(1)