Vulnerabilites related to ibm - mcs-7815i-2.0
Vulnerability from fkie_nvd
Published
2004-01-21 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | emergency_responder | 1.1 | |
| cisco | ip_call_center_express_enhanced | 3.0 | |
| cisco | ip_call_center_express_standard | 3.0 | |
| cisco | ip_interactive_voice_response | 3.0 | |
| cisco | personal_assistant | 1.3\(1\) | |
| cisco | personal_assistant | 1.3\(2\) | |
| cisco | personal_assistant | 1.3\(3\) | |
| cisco | personal_assistant | 1.3\(4\) | |
| cisco | personal_assistant | 1.4\(1\) | |
| cisco | personal_assistant | 1.4\(2\) | |
| ibm | director_agent | 2.2 | |
| ibm | director_agent | 3.11 | |
| cisco | call_manager | 1.0 | |
| cisco | call_manager | 2.0 | |
| cisco | call_manager | 3.0 | |
| cisco | call_manager | 3.1 | |
| cisco | call_manager | 3.1\(2\) | |
| cisco | call_manager | 3.1\(3a\) | |
| cisco | call_manager | 3.2 | |
| cisco | call_manager | 3.3 | |
| cisco | call_manager | 3.3\(3\) | |
| cisco | call_manager | 4.0 | |
| cisco | internet_service_node | * | |
| cisco | conference_connection | 1.1\(1\) | |
| cisco | conference_connection | 1.2 | |
| ibm | mcs-7815-1000 | * | |
| ibm | mcs-7815i-2.0 | * | |
| ibm | mcs-7835i-2.4 | * | |
| ibm | mcs-7835i-3.0 | * | |
| ibm | x330 | 8654 | |
| ibm | x330 | 8674 | |
| ibm | x340 | * | |
| ibm | x342 | * | |
| ibm | x345 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:emergency_responder:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "10AFE8CE-EA67-4BC4-93BC-7D5D61D5A7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_call_center_express_enhanced:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D08D0AA7-669D-4632-BB67-6994CB670466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_call_center_express_standard:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CBEC2E-2706-485A-A5A7-3BB25B5C4BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_interactive_voice_response:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89E40B81-A536-45DE-BEFB-1EB6F030B647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D2B8308C-7C36-48E1-97BC-282908B9A38D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29AF8C73-C10F-4873-941B-26C832D854EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8CE1C413-0678-4E9A-AC7F-105538D3C56E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F4ADC051-C35B-4C68-B751-B8A2434A6E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "131ABD48-89ED-45B9-865B-20AF3631BA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0BC18EEF-1DA5-402A-9C22-BCF287F2D501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:director_agent:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E033E9D-604D-4829-B95F-E3D095419BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:director_agent:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F501C60E-4B48-4F10-84B5-F29FB5BAEF74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14BF1392-C6E2-4946-9B9E-A64BFE7E8057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA117831-013A-4B62-90EA-9F87D0DBACF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C08E2D6A-1B4C-4BDA-8FF7-8D61A393460E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF7E0B10-11E0-44B7-A450-AA5AB058C6C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C9C25529-9048-46E8-8A59-61CAD59C2C40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "70ADFE52-9C89-4C29-AC74-7F510326F810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "54CEBAD7-7BDD-44DE-A591-C7EFD4E3F67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9306CD67-C43D-46F7-B76B-1FA0ACC6135E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F3D9BE35-E2AA-42A4-BECB-1BD33F2D9F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A008ACB8-54DD-4C49-A35D-3FA7D3CBF38F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:internet_service_node:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02122172-DBC4-445A-9BB6-E33B6F5B9F77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:conference_connection:1.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35D53AA4-4E6D-4586-A84A-634C68C0C967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:conference_connection:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "38CC94AA-9702-4A7E-82C5-DE06FB7D6631",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:mcs-7815-1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F0C52A-A68B-4E9B-934A-D33E8B3123E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7815i-2.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "672D30B8-47CE-46D0-97CB-9320B4B4FC2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7835i-2.4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E40E5D2-DEF9-4A28-8092-AC0B2EC0399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7835i-3.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C555A8-5208-4FE2-822B-11AFB5E8B9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x330:8654:*:*:*:*:*:*:*",
"matchCriteriaId": "18E307F0-1987-402C-AF67-884DA8872CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x330:8674:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4EC292-CC2D-4B6F-94A6-59185406C182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x340:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B72E43B-99E9-435D-87EA-1B196A63DA45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x342:*:*:*:*:*:*:*:*",
"matchCriteriaId": "853911A3-E740-4F80-8464-7A23A59B2474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x345:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C00D0835-3880-4A3A-8559-C79EB4ADB25D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247."
}
],
"id": "CVE-2004-1760",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-01-21T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/10696"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3692"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9468"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/10696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-01-21 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | emergency_responder | 1.1 | |
| cisco | ip_call_center_express_enhanced | 3.0 | |
| cisco | ip_call_center_express_standard | 3.0 | |
| cisco | ip_interactive_voice_response | 3.0 | |
| cisco | personal_assistant | 1.3\(1\) | |
| cisco | personal_assistant | 1.3\(2\) | |
| cisco | personal_assistant | 1.3\(3\) | |
| cisco | personal_assistant | 1.3\(4\) | |
| cisco | personal_assistant | 1.4\(1\) | |
| cisco | personal_assistant | 1.4\(2\) | |
| ibm | director_agent | 2.2 | |
| ibm | director_agent | 3.11 | |
| cisco | call_manager | 1.0 | |
| cisco | call_manager | 2.0 | |
| cisco | call_manager | 3.0 | |
| cisco | call_manager | 3.1 | |
| cisco | call_manager | 3.1\(2\) | |
| cisco | call_manager | 3.1\(3a\) | |
| cisco | call_manager | 3.2 | |
| cisco | call_manager | 3.3 | |
| cisco | call_manager | 3.3\(3\) | |
| cisco | call_manager | 4.0 | |
| cisco | internet_service_node | * | |
| cisco | conference_connection | 1.1\(1\) | |
| cisco | conference_connection | 1.2 | |
| ibm | mcs-7815-1000 | * | |
| ibm | mcs-7815i-2.0 | * | |
| ibm | mcs-7835i-2.4 | * | |
| ibm | mcs-7835i-3.0 | * | |
| ibm | x330 | 8654 | |
| ibm | x330 | 8674 | |
| ibm | x340 | * | |
| ibm | x342 | * | |
| ibm | x345 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:emergency_responder:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "10AFE8CE-EA67-4BC4-93BC-7D5D61D5A7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_call_center_express_enhanced:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D08D0AA7-669D-4632-BB67-6994CB670466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_call_center_express_standard:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CBEC2E-2706-485A-A5A7-3BB25B5C4BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_interactive_voice_response:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89E40B81-A536-45DE-BEFB-1EB6F030B647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D2B8308C-7C36-48E1-97BC-282908B9A38D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29AF8C73-C10F-4873-941B-26C832D854EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8CE1C413-0678-4E9A-AC7F-105538D3C56E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F4ADC051-C35B-4C68-B751-B8A2434A6E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "131ABD48-89ED-45B9-865B-20AF3631BA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0BC18EEF-1DA5-402A-9C22-BCF287F2D501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:director_agent:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E033E9D-604D-4829-B95F-E3D095419BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:director_agent:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F501C60E-4B48-4F10-84B5-F29FB5BAEF74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14BF1392-C6E2-4946-9B9E-A64BFE7E8057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA117831-013A-4B62-90EA-9F87D0DBACF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C08E2D6A-1B4C-4BDA-8FF7-8D61A393460E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF7E0B10-11E0-44B7-A450-AA5AB058C6C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C9C25529-9048-46E8-8A59-61CAD59C2C40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "70ADFE52-9C89-4C29-AC74-7F510326F810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "54CEBAD7-7BDD-44DE-A591-C7EFD4E3F67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9306CD67-C43D-46F7-B76B-1FA0ACC6135E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F3D9BE35-E2AA-42A4-BECB-1BD33F2D9F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A008ACB8-54DD-4C49-A35D-3FA7D3CBF38F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:internet_service_node:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02122172-DBC4-445A-9BB6-E33B6F5B9F77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:conference_connection:1.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35D53AA4-4E6D-4586-A84A-634C68C0C967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:conference_connection:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "38CC94AA-9702-4A7E-82C5-DE06FB7D6631",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:mcs-7815-1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F0C52A-A68B-4E9B-934A-D33E8B3123E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7815i-2.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "672D30B8-47CE-46D0-97CB-9320B4B4FC2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7835i-2.4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E40E5D2-DEF9-4A28-8092-AC0B2EC0399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7835i-3.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C555A8-5208-4FE2-822B-11AFB5E8B9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x330:8654:*:*:*:*:*:*:*",
"matchCriteriaId": "18E307F0-1987-402C-AF67-884DA8872CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x330:8674:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4EC292-CC2D-4B6F-94A6-59185406C182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x340:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B72E43B-99E9-435D-87EA-1B196A63DA45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x342:*:*:*:*:*:*:*:*",
"matchCriteriaId": "853911A3-E740-4F80-8464-7A23A59B2474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x345:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C00D0835-3880-4A3A-8559-C79EB4ADB25D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning."
}
],
"id": "CVE-2004-1759",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-01-21T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/10696"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3691"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9469"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/10696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2004-1760 (GCVE-0-2004-1760)
Vulnerability from cvelistv5
Published
2005-03-10 05:00
Modified
2024-08-08 01:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/14900 | vdb-entry, x_refsource_XF | |
| http://www.osvdb.org/3692 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/10696 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.kb.cert.org/vuls/id/602734 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securitytracker.com/id?1008814 | vdb-entry, x_refsource_SECTRACK | |
| http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/9468 | vdb-entry, x_refsource_BID | |
| http://www.ciac.org/ciac/bulletins/o-066.shtml | third-party-advisory, government-resource, x_refsource_CIAC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:00:37.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ciscovoice-ibmservers-admin-access(14900)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
},
{
"name": "3692",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3692"
},
{
"name": "10696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10696"
},
{
"name": "VU#602734",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"name": "1008814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9468"
},
{
"name": "O-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ciscovoice-ibmservers-admin-access(14900)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
},
{
"name": "3692",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3692"
},
{
"name": "10696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10696"
},
{
"name": "VU#602734",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"name": "1008814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9468"
},
{
"name": "O-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1760",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ciscovoice-ibmservers-admin-access(14900)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
},
{
"name": "3692",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3692"
},
{
"name": "10696",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10696"
},
{
"name": "VU#602734",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"name": "1008814",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9468"
},
{
"name": "O-066",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1760",
"datePublished": "2005-03-10T05:00:00",
"dateReserved": "2005-03-10T00:00:00",
"dateUpdated": "2024-08-08T01:00:37.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1759 (GCVE-0-2004-1759)
Vulnerability from cvelistv5
Published
2005-03-10 05:00
Modified
2024-08-08 01:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/721092 | third-party-advisory, x_refsource_CERT-VN | |
| http://secunia.com/advisories/10696 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/14901 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1008814 | vdb-entry, x_refsource_SECTRACK | |
| http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/9469 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/3691 | vdb-entry, x_refsource_OSVDB | |
| http://www.ciac.org/ciac/bulletins/o-066.shtml | third-party-advisory, government-resource, x_refsource_CIAC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:00:37.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#721092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"name": "10696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10696"
},
{
"name": "ciscovoice-ibmservers-dos(14901)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
},
{
"name": "1008814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9469",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9469"
},
{
"name": "3691",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3691"
},
{
"name": "O-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#721092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"name": "10696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10696"
},
{
"name": "ciscovoice-ibmservers-dos(14901)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
},
{
"name": "1008814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9469",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9469"
},
{
"name": "3691",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3691"
},
{
"name": "O-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1759",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#721092",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"name": "10696",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10696"
},
{
"name": "ciscovoice-ibmservers-dos(14901)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
},
{
"name": "1008814",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9469",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9469"
},
{
"name": "3691",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3691"
},
{
"name": "O-066",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1759",
"datePublished": "2005-03-10T05:00:00",
"dateReserved": "2005-03-10T00:00:00",
"dateUpdated": "2024-08-08T01:00:37.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-200401-0064
Vulnerability from variot
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247. Cisco IBM Director agent fails to authenticate users for remote administration. This could be exploited by any Director Server/Console agent that can connect to the administrative port. Administrative access will permit the attacker to take various malicious actions, including remote command execution, reconfiguration and stopping/starting services. Cisco voice devices are available on multiple operating platforms, including IBM. By default, TCP and UDP port 14247 will be opened in an insecure manner
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200401-0064",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "director agent",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "director agent",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "ip interactive voice response",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ip call center express standard",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ip call center express enhanced",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "conference connection",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "1.2"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(2\\)"
},
{
"model": "mcs-7815i-2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "*"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(4\\)"
},
{
"model": "x342",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "*"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(3\\)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1\\(2\\)"
},
{
"model": "mcs-7835i-2.4",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "*"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4\\(2\\)"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(1\\)"
},
{
"model": "x340",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "*"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3\\(3\\)"
},
{
"model": "mcs-7835i-3.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "*"
},
{
"model": "mcs-7815-1000",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "*"
},
{
"model": "x330",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "8674"
},
{
"model": "x345",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "*"
},
{
"model": "conference connection",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(1\\)"
},
{
"model": "x330",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "8654"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1\\(3a\\)"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4\\(1\\)"
},
{
"model": "internet service node",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "x345",
"scope": null,
"trust": 0.6,
"vendor": "ibm",
"version": null
},
{
"model": "x342",
"scope": null,
"trust": 0.6,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x345"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x342"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x340"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3308674"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3308654"
},
{
"model": "mcs-7835i-3.0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mcs-7815i-2.0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mcs-7815-1000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4(2)"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4(1)"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3(4)"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3(3)"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3(2)"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3(1)"
},
{
"model": "internet service node",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "conference connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(1)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(3)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#602734"
},
{
"db": "CERT/CC",
"id": "VU#721092"
},
{
"db": "BID",
"id": "9468"
},
{
"db": "CNNVD",
"id": "CNNVD-200401-057"
},
{
"db": "NVD",
"id": "CVE-2004-1760"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Security bulletin",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200401-057"
}
],
"trust": 0.6
},
"cve": "CVE-2004-1760",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2004-1760",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-10190",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-1760",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#602734",
"trust": 0.8,
"value": "14.93"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#721092",
"trust": 0.8,
"value": "3.87"
},
{
"author": "CNNVD",
"id": "CNNVD-200401-057",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-10190",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#602734"
},
{
"db": "CERT/CC",
"id": "VU#721092"
},
{
"db": "VULHUB",
"id": "VHN-10190"
},
{
"db": "CNNVD",
"id": "CNNVD-200401-057"
},
{
"db": "NVD",
"id": "CVE-2004-1760"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247. Cisco IBM Director agent fails to authenticate users for remote administration. This could be exploited by any Director Server/Console agent that can connect to the administrative port. \nAdministrative access will permit the attacker to take various malicious actions, including remote command execution, reconfiguration and stopping/starting services. Cisco voice devices are available on multiple operating platforms, including IBM. By default, TCP and UDP port 14247 will be opened in an insecure manner",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1760"
},
{
"db": "CERT/CC",
"id": "VU#602734"
},
{
"db": "CERT/CC",
"id": "VU#721092"
},
{
"db": "BID",
"id": "9468"
},
{
"db": "VULHUB",
"id": "VHN-10190"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "10696",
"trust": 3.3
},
{
"db": "CERT/CC",
"id": "VU#602734",
"trust": 2.5
},
{
"db": "BID",
"id": "9468",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-1760",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "3692",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1008814",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#721092",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200401-057",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20040121 VOICE PRODUCT VULNERABILITIES ON IBM SERVERS",
"trust": 0.6
},
{
"db": "CIAC",
"id": "O-066",
"trust": 0.6
},
{
"db": "XF",
"id": "14900",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-10190",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#602734"
},
{
"db": "CERT/CC",
"id": "VU#721092"
},
{
"db": "VULHUB",
"id": "VHN-10190"
},
{
"db": "BID",
"id": "9468"
},
{
"db": "CNNVD",
"id": "CNNVD-200401-057"
},
{
"db": "NVD",
"id": "CVE-2004-1760"
}
]
},
"id": "VAR-200401-0064",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-10190"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:40:23.304000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10190"
},
{
"db": "NVD",
"id": "CVE-2004-1760"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/9468"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"trust": 1.7,
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/3692"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1008814"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/10696"
},
{
"trust": 1.6,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a00801ede01.shtml"
},
{
"trust": 1.6,
"url": "http://www.secunia.com/advisories/10696/"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/14900"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#602734"
},
{
"db": "CERT/CC",
"id": "VU#721092"
},
{
"db": "VULHUB",
"id": "VHN-10190"
},
{
"db": "BID",
"id": "9468"
},
{
"db": "CNNVD",
"id": "CNNVD-200401-057"
},
{
"db": "NVD",
"id": "CVE-2004-1760"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#602734"
},
{
"db": "CERT/CC",
"id": "VU#721092"
},
{
"db": "VULHUB",
"id": "VHN-10190"
},
{
"db": "BID",
"id": "9468"
},
{
"db": "CNNVD",
"id": "CNNVD-200401-057"
},
{
"db": "NVD",
"id": "CVE-2004-1760"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-01-22T00:00:00",
"db": "CERT/CC",
"id": "VU#602734"
},
{
"date": "2004-01-22T00:00:00",
"db": "CERT/CC",
"id": "VU#721092"
},
{
"date": "2004-01-21T00:00:00",
"db": "VULHUB",
"id": "VHN-10190"
},
{
"date": "2004-01-21T00:00:00",
"db": "BID",
"id": "9468"
},
{
"date": "2004-01-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200401-057"
},
{
"date": "2004-01-21T05:00:00",
"db": "NVD",
"id": "CVE-2004-1760"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-01-23T00:00:00",
"db": "CERT/CC",
"id": "VU#602734"
},
{
"date": "2004-01-23T00:00:00",
"db": "CERT/CC",
"id": "VU#721092"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-10190"
},
{
"date": "2009-07-12T02:06:00",
"db": "BID",
"id": "9468"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200401-057"
},
{
"date": "2017-07-11T01:31:19.887000",
"db": "NVD",
"id": "CVE-2004-1760"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200401-057"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco default install of IBM Director agent fails to authenticate users for remote administration",
"sources": [
{
"db": "CERT/CC",
"id": "VU#602734"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200401-057"
}
],
"trust": 0.6
}
}
var-200401-0063
Vulnerability from variot
Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning. Cisco IBM Director agent fails to authenticate users for remote administration. The issue is reported to present itself when a port that is associated with the affected software is scanned with a port scanner. This will cause the target Cisco voice server to become inoperative until the affected server is rebooted. Cisco voice devices are available on multiple operating platforms, including IBM. By default, TCP and UDP 14247 ports will be opened in an unsafe manner. Scanning through a common network port scanner will cause IBM Director to consume a large amount of resources when processing twgipc.exe. CPU time, thereby stopping other responses
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200401-0063",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "director agent",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "director agent",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "ip interactive voice response",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ip call center express standard",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ip call center express enhanced",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "conference connection",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "1.2"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(2\\)"
},
{
"model": "mcs-7815i-2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "*"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(4\\)"
},
{
"model": "x342",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "*"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(3\\)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1\\(2\\)"
},
{
"model": "mcs-7835i-2.4",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "*"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4\\(2\\)"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3\\(1\\)"
},
{
"model": "x340",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "*"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3\\(3\\)"
},
{
"model": "mcs-7835i-3.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "*"
},
{
"model": "mcs-7815-1000",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "*"
},
{
"model": "x330",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "8674"
},
{
"model": "x345",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "*"
},
{
"model": "conference connection",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1\\(1\\)"
},
{
"model": "x330",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "8654"
},
{
"model": "call manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1\\(3a\\)"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4\\(1\\)"
},
{
"model": "internet service node",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "mcs-7815i-2.0",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "mcs-7815-1000",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "mcs-7835i-2.4",
"scope": null,
"trust": 0.6,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x345"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x342"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x340"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3308674"
},
{
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3308654"
},
{
"model": "mcs-7835i-3.0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "director agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4(2)"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4(1)"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3(4)"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3(3)"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3(2)"
},
{
"model": "personal assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.3(1)"
},
{
"model": "internet service node",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "conference connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(1)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(3)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#602734"
},
{
"db": "CERT/CC",
"id": "VU#721092"
},
{
"db": "BID",
"id": "9469"
},
{
"db": "CNNVD",
"id": "CNNVD-200401-056"
},
{
"db": "NVD",
"id": "CVE-2004-1759"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Security bulletin",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200401-056"
}
],
"trust": 0.6
},
"cve": "CVE-2004-1759",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2004-1759",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-10189",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-1759",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#602734",
"trust": 0.8,
"value": "14.93"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#721092",
"trust": 0.8,
"value": "3.87"
},
{
"author": "CNNVD",
"id": "CNNVD-200401-056",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-10189",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2004-1759",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#602734"
},
{
"db": "CERT/CC",
"id": "VU#721092"
},
{
"db": "VULHUB",
"id": "VHN-10189"
},
{
"db": "VULMON",
"id": "CVE-2004-1759"
},
{
"db": "CNNVD",
"id": "CNNVD-200401-056"
},
{
"db": "NVD",
"id": "CVE-2004-1759"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning. Cisco IBM Director agent fails to authenticate users for remote administration. The issue is reported to present itself when a port that is associated with the affected software is scanned with a port scanner. This will cause the target Cisco voice server to become inoperative until the affected server is rebooted. Cisco voice devices are available on multiple operating platforms, including IBM. By default, TCP and UDP 14247 ports will be opened in an unsafe manner. Scanning through a common network port scanner will cause IBM Director to consume a large amount of resources when processing twgipc.exe. CPU time, thereby stopping other responses",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1759"
},
{
"db": "CERT/CC",
"id": "VU#602734"
},
{
"db": "CERT/CC",
"id": "VU#721092"
},
{
"db": "BID",
"id": "9469"
},
{
"db": "VULHUB",
"id": "VHN-10189"
},
{
"db": "VULMON",
"id": "CVE-2004-1759"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "10696",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#721092",
"trust": 2.6
},
{
"db": "BID",
"id": "9469",
"trust": 2.1
},
{
"db": "NVD",
"id": "CVE-2004-1759",
"trust": 2.1
},
{
"db": "OSVDB",
"id": "3691",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1008814",
"trust": 1.8
},
{
"db": "CERT/CC",
"id": "VU#602734",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200401-056",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20040121 VOICE PRODUCT VULNERABILITIES ON IBM SERVERS",
"trust": 0.6
},
{
"db": "CIAC",
"id": "O-066",
"trust": 0.6
},
{
"db": "XF",
"id": "14901",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-10189",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2004-1759",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#602734"
},
{
"db": "CERT/CC",
"id": "VU#721092"
},
{
"db": "VULHUB",
"id": "VHN-10189"
},
{
"db": "VULMON",
"id": "CVE-2004-1759"
},
{
"db": "BID",
"id": "9469"
},
{
"db": "CNNVD",
"id": "CNNVD-200401-056"
},
{
"db": "NVD",
"id": "CVE-2004-1759"
}
]
},
"id": "VAR-200401-0063",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-10189"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:40:23.340000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10189"
},
{
"db": "NVD",
"id": "CVE-2004-1759"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/9469"
},
{
"trust": 1.8,
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"trust": 1.8,
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
},
{
"trust": 1.8,
"url": "http://www.osvdb.org/3691"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1008814"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/10696"
},
{
"trust": 1.6,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a00801ede01.shtml"
},
{
"trust": 1.6,
"url": "http://www.secunia.com/advisories/10696/"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/14901"
},
{
"trust": 0.3,
"url": "/archive/1/359500"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/399.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=7192"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#602734"
},
{
"db": "CERT/CC",
"id": "VU#721092"
},
{
"db": "VULHUB",
"id": "VHN-10189"
},
{
"db": "VULMON",
"id": "CVE-2004-1759"
},
{
"db": "BID",
"id": "9469"
},
{
"db": "CNNVD",
"id": "CNNVD-200401-056"
},
{
"db": "NVD",
"id": "CVE-2004-1759"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#602734"
},
{
"db": "CERT/CC",
"id": "VU#721092"
},
{
"db": "VULHUB",
"id": "VHN-10189"
},
{
"db": "VULMON",
"id": "CVE-2004-1759"
},
{
"db": "BID",
"id": "9469"
},
{
"db": "CNNVD",
"id": "CNNVD-200401-056"
},
{
"db": "NVD",
"id": "CVE-2004-1759"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-01-22T00:00:00",
"db": "CERT/CC",
"id": "VU#602734"
},
{
"date": "2004-01-22T00:00:00",
"db": "CERT/CC",
"id": "VU#721092"
},
{
"date": "2004-01-21T00:00:00",
"db": "VULHUB",
"id": "VHN-10189"
},
{
"date": "2004-01-21T00:00:00",
"db": "VULMON",
"id": "CVE-2004-1759"
},
{
"date": "2004-01-21T00:00:00",
"db": "BID",
"id": "9469"
},
{
"date": "2004-01-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200401-056"
},
{
"date": "2004-01-21T05:00:00",
"db": "NVD",
"id": "CVE-2004-1759"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-01-23T00:00:00",
"db": "CERT/CC",
"id": "VU#602734"
},
{
"date": "2004-01-23T00:00:00",
"db": "CERT/CC",
"id": "VU#721092"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-10189"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULMON",
"id": "CVE-2004-1759"
},
{
"date": "2015-03-19T08:23:00",
"db": "BID",
"id": "9469"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200401-056"
},
{
"date": "2017-07-11T01:31:19.827000",
"db": "NVD",
"id": "CVE-2004-1759"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200401-056"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Voice Product IBM Director Agent Port Scan Denial Of Service Vulnerability",
"sources": [
{
"db": "BID",
"id": "9469"
},
{
"db": "CNNVD",
"id": "CNNVD-200401-056"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200401-056"
}
],
"trust": 0.6
}
}