CVE-2004-1433 [Medium] | Denial of Service in Optical Networking System…

Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, and ONS 15600 1.x(x), allows remote attackers to cause a denial of service (control card reset) via malformed (1) TCP and (2) UDP packets.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-06-15	3.31%	4.09%	+0.78%
2	2025-03-30	4.90%	3.31%	-1.59%
3	2025-03-29	—	4.90%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2026-06-15

3.31%

4.09%

+0.78%

2025-03-30

4.90%

3.31%

-1.59%

2025-03-29

—

4.90%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
5.0	2.0	MEDIUM	`AV:N/AC:L/Au:N/C:N/I:N/A:P` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:L) Exploitation conditions are straightforward and predictable. Authentication (AU:N) No authentication is required. Confidentiality impact (C:N) No confidentiality impact. Integrity impact (I:N) No integrity impact. Availability impact (A:P) Partial availability impact.	10.0	2.9	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

5.0

2.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:N/A:P Click to expand

Access vector (AV:N): Can be exploited remotely over network reachability.
Access complexity (AC:L): Exploitation conditions are straightforward and predictable.
Authentication (AU:N): No authentication is required.
Confidentiality impact (C:N): No confidentiality impact.
Integrity impact (I:N): No integrity impact.
Availability impact (A:P): Partial availability impact.

10.0

2.9

[email protected]

Affected software / configurations for CVE-2004-1433

References for CVE-2004-1433

URL	Tags
http://secunia.com/advisories/12117
http://www.cisco.com/warp/public/707/cisco-sa-20040721-ons.shtml	Vendor Advisory
http://www.kb.cert.org/vuls/id/486224	Third Party Advisory US Government Resource
http://www.kb.cert.org/vuls/id/800384	Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/10768
https://exchange.xforce.ibmcloud.com/vulnerabilities/16762
https://exchange.xforce.ibmcloud.com/vulnerabilities/16764

URL

CVE-2004-1433

Exploit prediction scoring system (EPSS) score for CVE-2004-1433

Common vulnerability scoring system (CVSS) metrics for CVE-2004-1433

Weakness enumeration for CVE-2004-1433

Affected software / configurations for CVE-2004-1433

References for CVE-2004-1433

Vendor	Product	Version	Raw CPE
cisco	optical_networking_systems_software	1.0	cpe:2.3:a:cisco:optical_networking_systems_software:1.0:::::::*
cisco	optical_networking_systems_software	1.1	cpe:2.3:a:cisco:optical_networking_systems_software:1.1:::::::*
cisco	optical_networking_systems_software	1.1\(0\)	cpe:2.3:a:cisco:optical_networking_systems_software:1.1\(0\):::::::*
cisco	optical_networking_systems_software	1.1\(1\)	cpe:2.3:a:cisco:optical_networking_systems_software:1.1\(1\):::::::*
cisco	optical_networking_systems_software	1.3\(0\)	cpe:2.3:a:cisco:optical_networking_systems_software:1.3\(0\):::::::*
cisco	optical_networking_systems_software	2.3\(5\)	cpe:2.3:a:cisco:optical_networking_systems_software:2.3\(5\):::::::*
cisco	optical_networking_systems_software	3.0	cpe:2.3:a:cisco:optical_networking_systems_software:3.0:::::::*
cisco	optical_networking_systems_software	3.1.0	cpe:2.3:a:cisco:optical_networking_systems_software:3.1.0:::::::*
cisco	optical_networking_systems_software	3.2	cpe:2.3:a:cisco:optical_networking_systems_software:3.2:::::::*
cisco	optical_networking_systems_software	3.2.0	cpe:2.3:a:cisco:optical_networking_systems_software:3.2.0:::::::*
cisco	optical_networking_systems_software	3.3.0	cpe:2.3:a:cisco:optical_networking_systems_software:3.3.0:::::::*
cisco	optical_networking_systems_software	3.4.0	cpe:2.3:a:cisco:optical_networking_systems_software:3.4.0:::::::*
cisco	optical_networking_systems_software	4.0\(0\)	cpe:2.3:a:cisco:optical_networking_systems_software:4.0\(0\):::::::*
cisco	optical_networking_systems_software	4.0\(1\)	cpe:2.3:a:cisco:optical_networking_systems_software:4.0\(1\):::::::*
cisco	optical_networking_systems_software	4.0\(2\)	cpe:2.3:a:cisco:optical_networking_systems_software:4.0\(2\):::::::*
cisco	optical_networking_systems_software	4.0.0	cpe:2.3:a:cisco:optical_networking_systems_software:4.0.0:::::::*
cisco	optical_networking_systems_software	4.1\(0\)	cpe:2.3:a:cisco:optical_networking_systems_software:4.1\(0\):::::::*
cisco	optical_networking_systems_software	4.1\(1\)	cpe:2.3:a:cisco:optical_networking_systems_software:4.1\(1\):::::::*
cisco	optical_networking_systems_software	4.1\(2\)	cpe:2.3:a:cisco:optical_networking_systems_software:4.1\(2\):::::::*
cisco	optical_networking_systems_software	4.1\(3\)	cpe:2.3:a:cisco:optical_networking_systems_software:4.1\(3\):::::::*
cisco	optical_networking_systems_software	4.5	cpe:2.3:a:cisco:optical_networking_systems_software:4.5:::::::*
cisco	optical_networking_systems_software	4.6\(0\)	cpe:2.3:a:cisco:optical_networking_systems_software:4.6\(0\):::::::*
cisco	optical_networking_systems_software	4.6\(1\)	cpe:2.3:a:cisco:optical_networking_systems_software:4.6\(1\):::::::*