CVE-2008-3818 - Vulnerability Details - OpenCVE

Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Ons Ons 15310-cl Ons 15310-ma Ons 15327 Ons 15454 Ons 15454sdh Ons 15600

Configuration 1 [-]

AND

OR	cpe:2.3:a:cisco:ons:7.0.2:::::::*
	cpe:2.3:a:cisco:ons:7.0.4:::::::*
	cpe:2.3:a:cisco:ons:7.0.5:::::::*
	cpe:2.3:a:cisco:ons:7.2.0:::::::*
	cpe:2.3:a:cisco:ons:7.2.2:::::::*
	cpe:2.3:a:cisco:ons:8.0:::::::*
	cpe:2.3:a:cisco:ons:8.5.0:::::::*
	cpe:2.3:a:cisco:ons:8.5.1:::::::*
	cpe:2.3:a:cisco:ons:8.5.2:::::::*

OR	cpe:2.3:h:cisco:ons_15310-cl::::::::
	cpe:2.3:h:cisco:ons_15310-ma::::::::
	cpe:2.3:h:cisco:ons_15327::::::::
	cpe:2.3:h:cisco:ons_15454::::::::
	cpe:2.3:h:cisco:ons_15454sdh::::::::
	cpe:2.3:h:cisco:ons_15600::::::::

No data.

References

Link	Providers
http://securitytracker.com/id?1021592
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4fa.shtml
http://www.securityfocus.com/bid/33261
http://www.vupen.com/english/advisories/2009/0139
https://exchange.xforce.ibmcloud.com/vulnerabilities/47940

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2009-01-16T21:00:00

Updated: 2024-08-07T09:53:00.276Z

Reserved: 2008-08-27T00:00:00

Link: CVE-2008-3818

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-01-16T21:30:00.187

Modified: 2024-11-21T00:50:11.960

Link: CVE-2008-3818

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-01-14T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "cisco-ons-controlcard-dos(47940)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47940"}, {"name": "ADV-2009-0139", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/0139"}, {"name": "20090114 Cisco ONS Platform Crafted Packet Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4fa.shtml"}, {"name": "1021592", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1021592"}, {"name": "33261", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/33261"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2008-3818", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "cisco-ons-controlcard-dos(47940)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47940"}, {"name": "ADV-2009-0139", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/0139"}, {"name": "20090114 Cisco ONS Platform Crafted Packet Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4fa.shtml"}, {"name": "1021592", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1021592"}, {"name": "33261", "refsource": "BID", "url": "http://www.securityfocus.com/bid/33261"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T09:53:00.276Z"}, "title": "CVE Program Container", "references": [{"name": "cisco-ons-controlcard-dos(47940)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47940"}, {"name": "ADV-2009-0139", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/0139"}, {"name": "20090114 Cisco ONS Platform Crafted Packet Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4fa.shtml"}, {"name": "1021592", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1021592"}, {"name": "33261", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/33261"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2008-3818", "datePublished": "2009-01-16T21:00:00", "dateReserved": "2008-08-27T00:00:00", "dateUpdated": "2024-08-07T09:53:00.276Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:ons:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "1A4A568B-304B-4523-9441-1179D372BA83", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:ons:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5DCC483E-B58E-403C-8080-FB0B0DCB777F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:ons:7.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "37416556-05E2-48F8-ABED-038459B0FBA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:ons:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "6D2E8DD7-5086-4073-990B-5F5D92FAEF33", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:ons:7.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "1449B3C0-A485-4E8A-8337-64C1E85596E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:ons:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "682C2AF5-EB85-437B-A147-5CB92610A8C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:ons:8.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "49A99E5A-6190-458F-9191-5CEA774F121C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:ons:8.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EE6182B-2A77-47B1-AB8A-8E12C2CD905E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:ons:8.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "62992D9B-8D46-436A-B115-F7B687A24776", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:ons_15310-cl:*:*:*:*:*:*:*:*", "matchCriteriaId": "67D1F3C9-85A5-44F9-8198-28FFDF87A3C0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ons_15310-ma:*:*:*:*:*:*:*:*", "matchCriteriaId": "3769407E-D311-45DF-86D7-46098F5B6C36", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ons_15327:*:*:*:*:*:*:*:*", "matchCriteriaId": "6F98E52B-161E-41B7-BCFD-EA6E53FA23B4", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ons_15454:*:*:*:*:*:*:*:*", "matchCriteriaId": "054BA906-B607-4A65-A6E3-D3D7F8096235", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ons_15454sdh:*:*:*:*:*:*:*:*", "matchCriteriaId": "8FE53BD6-BE23-40A5-BE4E-62B3088EC8B8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ons_15600:*:*:*:*:*:*:*:*", "matchCriteriaId": "811149AD-89DC-4D93-A598-F6318C9EA64B", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session."}, {"lang": "es", "value": "Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, y 15600 con software v7.0.2 hasta v7.0.6, v7.2.2, v8.0.x, v8.5.1, y v8.5.2 permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio de tarjeta de control) mediante una sesi\u00f3n TCP manipulada."}], "id": "CVE-2008-3818", "lastModified": "2024-11-21T00:50:11.960", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-01-16T21:30:00.187", "references": [{"source": "ykramarz@cisco.com", "url": "http://securitytracker.com/id?1021592"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4fa.shtml"}, {"source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/33261"}, {"source": "ykramarz@cisco.com", "url": "http://www.vupen.com/english/advisories/2009/0139"}, {"source": "ykramarz@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47940"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1021592"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4fa.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/33261"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/0139"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47940"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}