search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Cisco Transaction Language 1 (TL1) interface fails to properly validate accounts with blank passwords

Vulnerability Note VU#760432

Original Release Date: 2004-07-27 | Last Revised: 2004-08-05


There is a vulnerability in the Cisco Transaction Language 1 (TL1) login interface that could allow a remote attacker to gain access to a Cisco ONS device.


Transaction Language 1 (TL1) is a widely used telecommunications management protocol. A default account, CISCO15, contains a blank password, which is to be changed during the install process. There is a vulnerability in the way the TL1 login interface processes long passwords that could permit an attacker to access the Cisco ONS device for accounts that have a blank password. A remote attacker could successfully authenticate to such an account using any password longer than ten characters. The CISCO15 account has super-user privileges.

Note: This issues does not affect the CTC login interface.

Cisco ONS 15327 Edge Optical Transport Platform releases:

    • 4.6(0) and 4.6(1)

Cisco ONS 15454 Optical Transport Platform releases:
    • 4.6(0) and 4.6(1)

Cisco ONS 15454 SDH Multiplexer Platform releases:
    • 4.6(0) and 4.6(1)

Not Vulnerable:
Cisco ONS 15600 Multiservice Switching Platform


A remote attacker could gain access to an account with a blank password set.



Please refer to the "Software Versions and Fixes" section of the Cisco Advisory for more information on upgrading.

Vendor Information


Cisco Systems Inc. Affected

Updated:  July 27, 2004



Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.


Please refer to the Cisco Advisory "Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Malformed Packet Vulnerabilities".

If you have feedback, comments, or additional information about this vulnerability, please send us email.

CVSS Metrics

Group Score Vector



This vulnerability was reported by the Cisco Systems Product Security Incident Response Team (PSIRT).

This document was written by Damon Morda based on information provided by Cisco.

Other Information

CVE IDs: None
Severity Metric: 7.09
Date Public: 2004-07-21
Date First Published: 2004-07-27
Date Last Updated: 2004-08-05 17:55 UTC
Document Revision: 21

Sponsored by CISA.