The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4.6(0) and 4.6(1) and 15454 and 15454 SDH 4.6(0) and 4.6(1), when a user account is configured with a blank password, allows remote attackers to gain unauthorized access by logging in with a password larger than 10 characters.
http://secunia.com/advisories/12117
https://exchange.xforce.ibmcloud.com/vulnerabilities/16766
http://www.cisco.com/warp/public/707/cisco-sa-20040721-ons.shtml