Vulnerability Name: CVE-2006-1672 (CCN-25647)

Assigned: 2006-04-05
Published: 2006-04-05
Updated: 2018-10-30
Summary: The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which allows remote attackers to execute arbitrary code on a CTC workstation, aka bug ID CSCea25049.
CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity: 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Access
References:
Source: MITRE
Type: CNA
CVE-2006-1672

Source: CCN
Type: SA19553
Cisco Optical Networking System 15000 Series Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
19553

Source: CCN
Type: SECTRACK ID: 1015871
Cisco Transport Controller Installs With Broad Java Policy Permissions Which Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1015871

Source: CCN
Type: cisco-sa-20060405-ons
Cisco Security Advisory: Cisco Optical Networking System 15000 Series and Cisco Transport Controller Vulnerabilities

Source: CISCO
Type: UNKNOWN
20060405 Cisco Optical Networking System 15000 Series and Cisco Transport Controller Vulnerabilities

Source: OSVDB
Type: UNKNOWN
24438

Source: CCN
Type: OSVDB ID: 24438
Cisco ONS 15000 Series CTC Launcher java.policy Permission Weakness Arbitrary Code Execution

Source: BID
Type: UNKNOWN
17384

Source: CCN
Type: BID-17384
Cisco Optical Networking System and Transport Controller Multiple Vulnerabilities

Source: VUPEN
Type: UNKNOWN
ADV-2006-1256

Source: XF
Type: UNKNOWN
cisco-ons-ctc-code-execution(25647)

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:cisco:transport_controller:4.0.x:*:*:*:*:*:*:*

Configuration 2:
  • cpe:/a:cisco:optical_networking_systems_software:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:1.1(0):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:1.1(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:1.3(0):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:3.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:3.2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:3.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:3.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:4.0(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:4.0(2):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:4.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:4.1(0):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:4.1(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:4.1(2):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:4.1(3):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:4.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:4.6(0):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:optical_networking_systems_software:4.6(1):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ons_15310-cl_series:0:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ons_15600:0:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ons_15454_mspp:*:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/o:cisco:ons_15454_mstp:*:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ons_15454_mspp:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ons_15310-cl:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ons_15600:*:*:*:*:*:*:*:*

* Denotes that component is vulnerable
    cisco transport controller 4.0.x
    cisco optical networking systems software 1.0
    cisco optical networking systems software 1.1
    cisco optical networking systems software 1.1(0)
    cisco optical networking systems software 1.1(1)
    cisco optical networking systems software 1.3(0)
    cisco optical networking systems software 3.0
    cisco optical networking systems software 3.1.0
    cisco optical networking systems software 3.2
    cisco optical networking systems software 3.3.0
    cisco optical networking systems software 3.4.0
    cisco optical networking systems software 4.0(1)
    cisco optical networking systems software 4.0(2)
    cisco optical networking systems software 4.0.0
    cisco optical networking systems software 4.1(0)
    cisco optical networking systems software 4.1(1)
    cisco optical networking systems software 4.1(2)
    cisco optical networking systems software 4.1(3)
    cisco optical networking systems software 4.1.4
    cisco optical networking systems software 4.6(0)
    cisco optical networking systems software 4.6(1)
    cisco ons 15310-cl series 0
    cisco ons 15600 0
    cisco ons 15454 mspp *
    cisco ons 15454 mstp *
    cisco ons 15454 mspp *
    cisco ons 15310-cl *
    cisco ons 15600 *