VAR-200207-0084
Vulnerability from variot - Updated: 2025-04-03 22:19Nortel CVX 1800 is installed with a default "public" community string, which allows remote attackers to read usernames and passwords and modify the CVX configuration. The Nortel Networks CVX 1800 Multi-Service Access Switch discloses privileged information. The device contains a default SNMP community string of "public", which may allow enable a remote attacker to gain access to sensitive information such as authentication credentials for local accounts on the device, network infrastructure info, etc. The Nortel CVX 1800 multi-service access gateway device has a default SNMP communication password \"public\". Remote attackers can use this password to obtain system sensitive information such as passwords and network structure. According to the test, the attacker can obtain the username and password information for accessing the Telnet service. An attacker can use the route command or view gateway to obtain the IP address of the Nortel CVX 1800 multi-service access gateway
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200207-0084",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cvx 1800 multi-service access switch",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "3.6.3"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": "networks cvx multiservice access switch p5",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "18003.6.3"
},
{
"model": "networks cvx multiservice access switch p25",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "18003.6.3"
},
{
"model": "networks cvx multiservice access switch p24",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "18003.6.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#403315"
},
{
"db": "BID",
"id": "4507"
},
{
"db": "CNNVD",
"id": "CNNVD-200207-060"
},
{
"db": "NVD",
"id": "CVE-2002-0540"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Michael Rawls\u203b bugtraq@shadowstorm.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200207-060"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0540",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2002-0540",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4932",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-0540",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#403315",
"trust": 0.8,
"value": "22.50"
},
{
"author": "CNNVD",
"id": "CNNVD-200207-060",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4932",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#403315"
},
{
"db": "VULHUB",
"id": "VHN-4932"
},
{
"db": "CNNVD",
"id": "CNNVD-200207-060"
},
{
"db": "NVD",
"id": "CVE-2002-0540"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel CVX 1800 is installed with a default \"public\" community string, which allows remote attackers to read usernames and passwords and modify the CVX configuration. The Nortel Networks CVX 1800 Multi-Service Access Switch discloses privileged information. \nThe device contains a default SNMP community string of \"public\", which may allow enable a remote attacker to gain access to sensitive information such as authentication credentials for local accounts on the device, network infrastructure info, etc. The Nortel CVX 1800 multi-service access gateway device has a default SNMP communication password \\\"public\\\". Remote attackers can use this password to obtain system sensitive information such as passwords and network structure. According to the test, the attacker can obtain the username and password information for accessing the Telnet service. An attacker can use the route command or view gateway to obtain the IP address of the Nortel CVX 1800 multi-service access gateway",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0540"
},
{
"db": "CERT/CC",
"id": "VU#403315"
},
{
"db": "BID",
"id": "4507"
},
{
"db": "VULHUB",
"id": "VHN-4932"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-4932",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4932"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "4507",
"trust": 2.8
},
{
"db": "CERT/CC",
"id": "VU#403315",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2002-0540",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200207-060",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20020413 NORTEL CVX 1800S WILL DUMP ALL LOCAL USER NAMES AND PASSWORDS VIA SNMP",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020419 RE: NORTEL CVX 1800S WILL DUMP ALL LOCAL USER NAMES AND PASSWORDS VIA SNMP",
"trust": 0.6
},
{
"db": "XF",
"id": "8848",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "21378",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-75205",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-4932",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#403315"
},
{
"db": "VULHUB",
"id": "VHN-4932"
},
{
"db": "BID",
"id": "4507"
},
{
"db": "CNNVD",
"id": "CNNVD-200207-060"
},
{
"db": "NVD",
"id": "CVE-2002-0540"
}
]
},
"id": "VAR-200207-0084",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4932"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:19:26.764000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0540"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://online.securityfocus.com/archive/1/267627"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/4507"
},
{
"trust": 2.5,
"url": "http://www.iss.net/security_center/static/8848.php"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0272.html"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/403315"
},
{
"trust": 0.3,
"url": "http://www.nortelnetworks.com/products/01/cvx/cvx_1800/"
},
{
"trust": 0.3,
"url": "http://www.nortelnetworks.com/corporate/technology/snpmv1.html"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#403315"
},
{
"db": "VULHUB",
"id": "VHN-4932"
},
{
"db": "BID",
"id": "4507"
},
{
"db": "CNNVD",
"id": "CNNVD-200207-060"
},
{
"db": "NVD",
"id": "CVE-2002-0540"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#403315"
},
{
"db": "VULHUB",
"id": "VHN-4932"
},
{
"db": "BID",
"id": "4507"
},
{
"db": "CNNVD",
"id": "CNNVD-200207-060"
},
{
"db": "NVD",
"id": "CVE-2002-0540"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-05-16T00:00:00",
"db": "CERT/CC",
"id": "VU#403315"
},
{
"date": "2002-07-03T00:00:00",
"db": "VULHUB",
"id": "VHN-4932"
},
{
"date": "2002-04-15T00:00:00",
"db": "BID",
"id": "4507"
},
{
"date": "2002-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200207-060"
},
{
"date": "2002-07-03T04:00:00",
"db": "NVD",
"id": "CVE-2002-0540"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-01-22T00:00:00",
"db": "CERT/CC",
"id": "VU#403315"
},
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-4932"
},
{
"date": "2009-07-11T11:56:00",
"db": "BID",
"id": "4507"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200207-060"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-0540"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200207-060"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel Networks CVX 1800 discloses privileged information",
"sources": [
{
"db": "CERT/CC",
"id": "VU#403315"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "4507"
},
{
"db": "CNNVD",
"id": "CNNVD-200207-060"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…