CVE-2004-0306
First published: Wed Sep 01 2004(Updated: )
Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Optical Network Controller | =4.0.0 | |
| Cisco Optical Network Controller | =1.0 | |
| Cisco Optical Network Controller | =4.1\(2\) | |
| Cisco Optical Network Controller | =4.1\(3\) | |
| Cisco Optical Network Controller | =4.0\(2\) | |
| Cisco Optical Network Controller | =4.1.0 | |
| Cisco Optical Network Controller | =4.1\(0\) | |
| Cisco Optical Network Controller | =4.1\(1\) | |
| Cisco Optical Network Controller | =4.0\(1\) | |
| Cisco Optical Network Controller | =4.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2004-0306?
CVE-2004-0306 is considered a critical vulnerability due to the risk of unauthorized access to system files.
How do I fix CVE-2004-0306?
To mitigate CVE-2004-0306, disable the TFTP service on UDP port 69 in your Cisco Optical Networking systems.
What devices are affected by CVE-2004-0306?
CVE-2004-0306 affects Cisco ONS 15327, ONS 15454, ONS 15454 SD, and ONS 15600 devices running specific vulnerable versions.
Is there a patch available for CVE-2004-0306?
Yes, patches are available for affected Cisco Optical Networking software versions to address CVE-2004-0306.
How does CVE-2004-0306 impact network security?
CVE-2004-0306 can allow remote attackers to read or modify critical system files, severely compromising network security.
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/cisco
- canonical/cisco optical network controller
- version/cisco optical network controller/4.0.0
- version/cisco optical network controller/1.0
- version/cisco optical network controller/4.1\(2\)
- version/cisco optical network controller/4.1\(3\)
- version/cisco optical network controller/4.0\(2\)
- version/cisco optical network controller/4.1.0
- version/cisco optical network controller/4.1\(0\)
- version/cisco optical network controller/4.1\(1\)
- version/cisco optical network controller/4.0\(1\)
- version/cisco optical network controller/4.5