FKIE_CVE-2004-1760

Vulnerability from fkie_nvd - Published: 2004-01-21 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.
References
cve@mitre.orghttp://secunia.com/advisories/10696Patch, Vendor Advisory
cve@mitre.orghttp://www.ciac.org/ciac/bulletins/o-066.shtml
cve@mitre.orghttp://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtmlPatch, Vendor Advisory
cve@mitre.orghttp://www.kb.cert.org/vuls/id/602734Patch, Third Party Advisory, US Government Resource
cve@mitre.orghttp://www.osvdb.org/3692
cve@mitre.orghttp://www.securityfocus.com/bid/9468Patch, Vendor Advisory
cve@mitre.orghttp://www.securitytracker.com/id?1008814
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/14900
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10696Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ciac.org/ciac/bulletins/o-066.shtml
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/602734Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/3692
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/9468Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1008814
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/14900
Impacted products
Vendor Product Version
cisco emergency_responder 1.1
cisco ip_call_center_express_enhanced 3.0
cisco ip_call_center_express_standard 3.0
cisco ip_interactive_voice_response 3.0
cisco personal_assistant 1.3\(1\)
cisco personal_assistant 1.3\(2\)
cisco personal_assistant 1.3\(3\)
cisco personal_assistant 1.3\(4\)
cisco personal_assistant 1.4\(1\)
cisco personal_assistant 1.4\(2\)
ibm director_agent 2.2
ibm director_agent 3.11
cisco call_manager 1.0
cisco call_manager 2.0
cisco call_manager 3.0
cisco call_manager 3.1
cisco call_manager 3.1\(2\)
cisco call_manager 3.1\(3a\)
cisco call_manager 3.2
cisco call_manager 3.3
cisco call_manager 3.3\(3\)
cisco call_manager 4.0
cisco internet_service_node *
cisco conference_connection 1.1\(1\)
cisco conference_connection 1.2
ibm mcs-7815-1000 *
ibm mcs-7815i-2.0 *
ibm mcs-7835i-2.4 *
ibm mcs-7835i-3.0 *
ibm x330 8654
ibm x330 8674
ibm x340 *
ibm x342 *
ibm x345 *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:emergency_responder:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "10AFE8CE-EA67-4BC4-93BC-7D5D61D5A7C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ip_call_center_express_enhanced:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D08D0AA7-669D-4632-BB67-6994CB670466",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ip_call_center_express_standard:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CBEC2E-2706-485A-A5A7-3BB25B5C4BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ip_interactive_voice_response:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "89E40B81-A536-45DE-BEFB-1EB6F030B647",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B8308C-7C36-48E1-97BC-282908B9A38D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "29AF8C73-C10F-4873-941B-26C832D854EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8CE1C413-0678-4E9A-AC7F-105538D3C56E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F4ADC051-C35B-4C68-B751-B8A2434A6E79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:personal_assistant:1.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "131ABD48-89ED-45B9-865B-20AF3631BA6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:personal_assistant:1.4\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0BC18EEF-1DA5-402A-9C22-BCF287F2D501",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:director_agent:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E033E9D-604D-4829-B95F-E3D095419BB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:director_agent:3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "F501C60E-4B48-4F10-84B5-F29FB5BAEF74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BF1392-C6E2-4946-9B9E-A64BFE7E8057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA117831-013A-4B62-90EA-9F87D0DBACF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C08E2D6A-1B4C-4BDA-8FF7-8D61A393460E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF7E0B10-11E0-44B7-A450-AA5AB058C6C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C9C25529-9048-46E8-8A59-61CAD59C2C40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.1\\(3a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "70ADFE52-9C89-4C29-AC74-7F510326F810",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "54CEBAD7-7BDD-44DE-A591-C7EFD4E3F67E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9306CD67-C43D-46F7-B76B-1FA0ACC6135E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.3\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D9BE35-E2AA-42A4-BECB-1BD33F2D9F2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A008ACB8-54DD-4C49-A35D-3FA7D3CBF38F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:internet_service_node:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "02122172-DBC4-445A-9BB6-E33B6F5B9F77",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:conference_connection:1.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "35D53AA4-4E6D-4586-A84A-634C68C0C967",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:conference_connection:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "38CC94AA-9702-4A7E-82C5-DE06FB7D6631",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:mcs-7815-1000:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1F0C52A-A68B-4E9B-934A-D33E8B3123E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:mcs-7815i-2.0:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "672D30B8-47CE-46D0-97CB-9320B4B4FC2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:mcs-7835i-2.4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E40E5D2-DEF9-4A28-8092-AC0B2EC0399F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:mcs-7835i-3.0:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1C555A8-5208-4FE2-822B-11AFB5E8B9CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:x330:8654:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E307F0-1987-402C-AF67-884DA8872CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:x330:8674:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E4EC292-CC2D-4B6F-94A6-59185406C182",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:x340:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B72E43B-99E9-435D-87EA-1B196A63DA45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:x342:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "853911A3-E740-4F80-8464-7A23A59B2474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:x345:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C00D0835-3880-4A3A-8559-C79EB4ADB25D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247."
    }
  ],
  "id": "CVE-2004-1760",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-01-21T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/10696"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/602734"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/3692"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/9468"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1008814"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/10696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/602734"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/3692"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/9468"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1008814"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.