All the vulnerabilites related to cisco - ip_call_center_express_standard
Vulnerability from fkie_nvd
Published
2004-01-21 05:00
Modified
2024-11-20 23:51
Severity ?
Summary
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | emergency_responder | 1.1 | |
| cisco | ip_call_center_express_enhanced | 3.0 | |
| cisco | ip_call_center_express_standard | 3.0 | |
| cisco | ip_interactive_voice_response | 3.0 | |
| cisco | personal_assistant | 1.3\(1\) | |
| cisco | personal_assistant | 1.3\(2\) | |
| cisco | personal_assistant | 1.3\(3\) | |
| cisco | personal_assistant | 1.3\(4\) | |
| cisco | personal_assistant | 1.4\(1\) | |
| cisco | personal_assistant | 1.4\(2\) | |
| ibm | director_agent | 2.2 | |
| ibm | director_agent | 3.11 | |
| cisco | call_manager | 1.0 | |
| cisco | call_manager | 2.0 | |
| cisco | call_manager | 3.0 | |
| cisco | call_manager | 3.1 | |
| cisco | call_manager | 3.1\(2\) | |
| cisco | call_manager | 3.1\(3a\) | |
| cisco | call_manager | 3.2 | |
| cisco | call_manager | 3.3 | |
| cisco | call_manager | 3.3\(3\) | |
| cisco | call_manager | 4.0 | |
| cisco | internet_service_node | * | |
| cisco | conference_connection | 1.1\(1\) | |
| cisco | conference_connection | 1.2 | |
| ibm | mcs-7815-1000 | * | |
| ibm | mcs-7815i-2.0 | * | |
| ibm | mcs-7835i-2.4 | * | |
| ibm | mcs-7835i-3.0 | * | |
| ibm | x330 | 8654 | |
| ibm | x330 | 8674 | |
| ibm | x340 | * | |
| ibm | x342 | * | |
| ibm | x345 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:emergency_responder:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "10AFE8CE-EA67-4BC4-93BC-7D5D61D5A7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_call_center_express_enhanced:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D08D0AA7-669D-4632-BB67-6994CB670466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_call_center_express_standard:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CBEC2E-2706-485A-A5A7-3BB25B5C4BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_interactive_voice_response:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89E40B81-A536-45DE-BEFB-1EB6F030B647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D2B8308C-7C36-48E1-97BC-282908B9A38D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29AF8C73-C10F-4873-941B-26C832D854EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8CE1C413-0678-4E9A-AC7F-105538D3C56E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F4ADC051-C35B-4C68-B751-B8A2434A6E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "131ABD48-89ED-45B9-865B-20AF3631BA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0BC18EEF-1DA5-402A-9C22-BCF287F2D501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:director_agent:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E033E9D-604D-4829-B95F-E3D095419BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:director_agent:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F501C60E-4B48-4F10-84B5-F29FB5BAEF74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14BF1392-C6E2-4946-9B9E-A64BFE7E8057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA117831-013A-4B62-90EA-9F87D0DBACF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C08E2D6A-1B4C-4BDA-8FF7-8D61A393460E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF7E0B10-11E0-44B7-A450-AA5AB058C6C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C9C25529-9048-46E8-8A59-61CAD59C2C40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "70ADFE52-9C89-4C29-AC74-7F510326F810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "54CEBAD7-7BDD-44DE-A591-C7EFD4E3F67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9306CD67-C43D-46F7-B76B-1FA0ACC6135E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F3D9BE35-E2AA-42A4-BECB-1BD33F2D9F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A008ACB8-54DD-4C49-A35D-3FA7D3CBF38F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:internet_service_node:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02122172-DBC4-445A-9BB6-E33B6F5B9F77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:conference_connection:1.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35D53AA4-4E6D-4586-A84A-634C68C0C967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:conference_connection:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "38CC94AA-9702-4A7E-82C5-DE06FB7D6631",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:mcs-7815-1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F0C52A-A68B-4E9B-934A-D33E8B3123E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7815i-2.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "672D30B8-47CE-46D0-97CB-9320B4B4FC2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7835i-2.4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E40E5D2-DEF9-4A28-8092-AC0B2EC0399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7835i-3.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C555A8-5208-4FE2-822B-11AFB5E8B9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x330:8654:*:*:*:*:*:*:*",
"matchCriteriaId": "18E307F0-1987-402C-AF67-884DA8872CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x330:8674:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4EC292-CC2D-4B6F-94A6-59185406C182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x340:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B72E43B-99E9-435D-87EA-1B196A63DA45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x342:*:*:*:*:*:*:*:*",
"matchCriteriaId": "853911A3-E740-4F80-8464-7A23A59B2474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x345:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C00D0835-3880-4A3A-8559-C79EB4ADB25D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247."
}
],
"id": "CVE-2004-1760",
"lastModified": "2024-11-20T23:51:40.737",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-01-21T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/10696"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3692"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9468"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/10696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-01-21 05:00
Modified
2024-11-20 23:51
Severity ?
Summary
Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | emergency_responder | 1.1 | |
| cisco | ip_call_center_express_enhanced | 3.0 | |
| cisco | ip_call_center_express_standard | 3.0 | |
| cisco | ip_interactive_voice_response | 3.0 | |
| cisco | personal_assistant | 1.3\(1\) | |
| cisco | personal_assistant | 1.3\(2\) | |
| cisco | personal_assistant | 1.3\(3\) | |
| cisco | personal_assistant | 1.3\(4\) | |
| cisco | personal_assistant | 1.4\(1\) | |
| cisco | personal_assistant | 1.4\(2\) | |
| ibm | director_agent | 2.2 | |
| ibm | director_agent | 3.11 | |
| cisco | call_manager | 1.0 | |
| cisco | call_manager | 2.0 | |
| cisco | call_manager | 3.0 | |
| cisco | call_manager | 3.1 | |
| cisco | call_manager | 3.1\(2\) | |
| cisco | call_manager | 3.1\(3a\) | |
| cisco | call_manager | 3.2 | |
| cisco | call_manager | 3.3 | |
| cisco | call_manager | 3.3\(3\) | |
| cisco | call_manager | 4.0 | |
| cisco | internet_service_node | * | |
| cisco | conference_connection | 1.1\(1\) | |
| cisco | conference_connection | 1.2 | |
| ibm | mcs-7815-1000 | * | |
| ibm | mcs-7815i-2.0 | * | |
| ibm | mcs-7835i-2.4 | * | |
| ibm | mcs-7835i-3.0 | * | |
| ibm | x330 | 8654 | |
| ibm | x330 | 8674 | |
| ibm | x340 | * | |
| ibm | x342 | * | |
| ibm | x345 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:emergency_responder:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "10AFE8CE-EA67-4BC4-93BC-7D5D61D5A7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_call_center_express_enhanced:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D08D0AA7-669D-4632-BB67-6994CB670466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_call_center_express_standard:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CBEC2E-2706-485A-A5A7-3BB25B5C4BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_interactive_voice_response:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89E40B81-A536-45DE-BEFB-1EB6F030B647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D2B8308C-7C36-48E1-97BC-282908B9A38D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29AF8C73-C10F-4873-941B-26C832D854EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8CE1C413-0678-4E9A-AC7F-105538D3C56E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F4ADC051-C35B-4C68-B751-B8A2434A6E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "131ABD48-89ED-45B9-865B-20AF3631BA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0BC18EEF-1DA5-402A-9C22-BCF287F2D501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:director_agent:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E033E9D-604D-4829-B95F-E3D095419BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:director_agent:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F501C60E-4B48-4F10-84B5-F29FB5BAEF74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14BF1392-C6E2-4946-9B9E-A64BFE7E8057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA117831-013A-4B62-90EA-9F87D0DBACF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C08E2D6A-1B4C-4BDA-8FF7-8D61A393460E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF7E0B10-11E0-44B7-A450-AA5AB058C6C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C9C25529-9048-46E8-8A59-61CAD59C2C40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "70ADFE52-9C89-4C29-AC74-7F510326F810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "54CEBAD7-7BDD-44DE-A591-C7EFD4E3F67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9306CD67-C43D-46F7-B76B-1FA0ACC6135E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F3D9BE35-E2AA-42A4-BECB-1BD33F2D9F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A008ACB8-54DD-4C49-A35D-3FA7D3CBF38F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:internet_service_node:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02122172-DBC4-445A-9BB6-E33B6F5B9F77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:conference_connection:1.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35D53AA4-4E6D-4586-A84A-634C68C0C967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:conference_connection:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "38CC94AA-9702-4A7E-82C5-DE06FB7D6631",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:mcs-7815-1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F0C52A-A68B-4E9B-934A-D33E8B3123E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7815i-2.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "672D30B8-47CE-46D0-97CB-9320B4B4FC2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7835i-2.4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E40E5D2-DEF9-4A28-8092-AC0B2EC0399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7835i-3.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C555A8-5208-4FE2-822B-11AFB5E8B9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x330:8654:*:*:*:*:*:*:*",
"matchCriteriaId": "18E307F0-1987-402C-AF67-884DA8872CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x330:8674:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4EC292-CC2D-4B6F-94A6-59185406C182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x340:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B72E43B-99E9-435D-87EA-1B196A63DA45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x342:*:*:*:*:*:*:*:*",
"matchCriteriaId": "853911A3-E740-4F80-8464-7A23A59B2474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x345:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C00D0835-3880-4A3A-8559-C79EB4ADB25D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning."
}
],
"id": "CVE-2004-1759",
"lastModified": "2024-11-20T23:51:40.593",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-01-21T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/10696"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3691"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9469"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/10696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2004-1760
Vulnerability from cvelistv5
Published
2005-03-10 05:00
Modified
2024-08-08 01:00
Severity ?
EPSS score ?
Summary
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/14900 | vdb-entry, x_refsource_XF | |
| http://www.osvdb.org/3692 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/10696 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.kb.cert.org/vuls/id/602734 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securitytracker.com/id?1008814 | vdb-entry, x_refsource_SECTRACK | |
| http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/9468 | vdb-entry, x_refsource_BID | |
| http://www.ciac.org/ciac/bulletins/o-066.shtml | third-party-advisory, government-resource, x_refsource_CIAC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:00:37.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ciscovoice-ibmservers-admin-access(14900)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
},
{
"name": "3692",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3692"
},
{
"name": "10696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10696"
},
{
"name": "VU#602734",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"name": "1008814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9468"
},
{
"name": "O-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ciscovoice-ibmservers-admin-access(14900)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
},
{
"name": "3692",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3692"
},
{
"name": "10696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10696"
},
{
"name": "VU#602734",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"name": "1008814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9468"
},
{
"name": "O-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1760",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ciscovoice-ibmservers-admin-access(14900)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
},
{
"name": "3692",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3692"
},
{
"name": "10696",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10696"
},
{
"name": "VU#602734",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"name": "1008814",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9468"
},
{
"name": "O-066",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1760",
"datePublished": "2005-03-10T05:00:00",
"dateReserved": "2005-03-10T00:00:00",
"dateUpdated": "2024-08-08T01:00:37.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1759
Vulnerability from cvelistv5
Published
2005-03-10 05:00
Modified
2024-08-08 01:00
Severity ?
EPSS score ?
Summary
Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/721092 | third-party-advisory, x_refsource_CERT-VN | |
| http://secunia.com/advisories/10696 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/14901 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1008814 | vdb-entry, x_refsource_SECTRACK | |
| http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/9469 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/3691 | vdb-entry, x_refsource_OSVDB | |
| http://www.ciac.org/ciac/bulletins/o-066.shtml | third-party-advisory, government-resource, x_refsource_CIAC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:00:37.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#721092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"name": "10696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10696"
},
{
"name": "ciscovoice-ibmservers-dos(14901)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
},
{
"name": "1008814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9469",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9469"
},
{
"name": "3691",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3691"
},
{
"name": "O-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#721092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"name": "10696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10696"
},
{
"name": "ciscovoice-ibmservers-dos(14901)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
},
{
"name": "1008814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9469",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9469"
},
{
"name": "3691",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3691"
},
{
"name": "O-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1759",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#721092",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"name": "10696",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10696"
},
{
"name": "ciscovoice-ibmservers-dos(14901)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
},
{
"name": "1008814",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9469",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9469"
},
{
"name": "3691",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3691"
},
{
"name": "O-066",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1759",
"datePublished": "2005-03-10T05:00:00",
"dateReserved": "2005-03-10T00:00:00",
"dateUpdated": "2024-08-08T01:00:37.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}