CVE-2006-1671

Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (card reset) via (1) a "crafted" IP packet to a device with secure mode EMS-to-network-element access, aka bug ID CSCsc51390; (2) a "crafted" IP packet to a device with IP on the LAN interface, aka bug ID CSCsd04168; and (3) a "malformed" OSPF packet, aka bug ID CSCsc54558.

Published: 2006-04-07 Last update: 2026-04-16 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2006-1671 is rated Moderate Risk (50.2/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 2.51%). Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2006-1671

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2025-05-01 1.94% 2.51% +0.57%
2 2025-03-30 1.81% 1.94% +0.13%
3 2025-03-29 1.81%

Full EPSS history (8 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2006-1671

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
5.0 2.0 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:N)
No confidentiality impact.
Integrity impact (I:N)
No integrity impact.
Availability impact (A:P)
Partial availability impact.
 10.0 2.9 [email protected]

Weakness enumeration for CVE-2006-1671

NVD evaluator notes for CVE-2006-1671

Solution: The vendor has released fixes to address these issues.

Affected software / configurations for CVE-2006-1671

Vendor Product Version Raw CPE
cisco transport_controller 4.0.x cpe:2.3:a:cisco:transport_controller:4.0.x:*:*:*:*:*:*:*
cisco optical_networking_systems_software 1.0 cpe:2.3:a:cisco:optical_networking_systems_software:1.0:*:*:*:*:*:*:*
cisco optical_networking_systems_software 1.1 cpe:2.3:a:cisco:optical_networking_systems_software:1.1:*:*:*:*:*:*:*
cisco optical_networking_systems_software 1.1\(0\) cpe:2.3:a:cisco:optical_networking_systems_software:1.1\(0\):*:*:*:*:*:*:*
cisco optical_networking_systems_software 1.1\(1\) cpe:2.3:a:cisco:optical_networking_systems_software:1.1\(1\):*:*:*:*:*:*:*
cisco optical_networking_systems_software 1.3\(0\) cpe:2.3:a:cisco:optical_networking_systems_software:1.3\(0\):*:*:*:*:*:*:*
cisco optical_networking_systems_software 3.0 cpe:2.3:a:cisco:optical_networking_systems_software:3.0:*:*:*:*:*:*:*
cisco optical_networking_systems_software 3.1.0 cpe:2.3:a:cisco:optical_networking_systems_software:3.1.0:*:*:*:*:*:*:*
cisco optical_networking_systems_software 3.2 cpe:2.3:a:cisco:optical_networking_systems_software:3.2:*:*:*:*:*:*:*
cisco optical_networking_systems_software 3.3.0 cpe:2.3:a:cisco:optical_networking_systems_software:3.3.0:*:*:*:*:*:*:*
cisco optical_networking_systems_software 3.4.0 cpe:2.3:a:cisco:optical_networking_systems_software:3.4.0:*:*:*:*:*:*:*
cisco optical_networking_systems_software 4.0\(1\) cpe:2.3:a:cisco:optical_networking_systems_software:4.0\(1\):*:*:*:*:*:*:*
cisco optical_networking_systems_software 4.0\(2\) cpe:2.3:a:cisco:optical_networking_systems_software:4.0\(2\):*:*:*:*:*:*:*
cisco optical_networking_systems_software 4.0.0 cpe:2.3:a:cisco:optical_networking_systems_software:4.0.0:*:*:*:*:*:*:*
cisco optical_networking_systems_software 4.1\(0\) cpe:2.3:a:cisco:optical_networking_systems_software:4.1\(0\):*:*:*:*:*:*:*
cisco optical_networking_systems_software 4.1\(1\) cpe:2.3:a:cisco:optical_networking_systems_software:4.1\(1\):*:*:*:*:*:*:*
cisco optical_networking_systems_software 4.1\(2\) cpe:2.3:a:cisco:optical_networking_systems_software:4.1\(2\):*:*:*:*:*:*:*
cisco optical_networking_systems_software 4.1\(3\) cpe:2.3:a:cisco:optical_networking_systems_software:4.1\(3\):*:*:*:*:*:*:*
cisco optical_networking_systems_software 4.1.4 cpe:2.3:a:cisco:optical_networking_systems_software:4.1.4:*:*:*:*:*:*:*
cisco optical_networking_systems_software 4.6\(0\) cpe:2.3:a:cisco:optical_networking_systems_software:4.6\(0\):*:*:*:*:*:*:*
cisco optical_networking_systems_software 4.6\(1\) cpe:2.3:a:cisco:optical_networking_systems_software:4.6\(1\):*:*:*:*:*:*:*
cisco ons_15310-cl_series 0 cpe:2.3:h:cisco:ons_15310-cl_series:0:*:*:*:*:*:*:*
cisco ons_15600 0 cpe:2.3:h:cisco:ons_15600:0:*:*:*:*:*:*:*
cisco ons_15454_mspp cpe:2.3:o:cisco:ons_15454_mspp:*:*:*:*:*:*:*:*

References for CVE-2006-1671

cvelogic Threat Intelligence