5.9

CVE-2004-1464

Warnung
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoIos Version <= 12.2\(15\)zj3

19.05.2023: CISA Known Exploited Vulnerabilities (KEV) Catalog

Cisco IOS Denial-of-Service Vulnerability

Schwachstelle

Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.13% 0.913
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.9 2.2 3.6
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.9 2.2 3.6
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource.

http://secunia.com/advisories/12395/
Vendor Advisory
Broken Link
http://securitytracker.com/id?1011079
Third Party Advisory
Broken Link
VDB Entry
http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtml
Vendor Advisory
Not Applicable
http://www.kb.cert.org/vuls/id/384230
Patch
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/11060
Third Party Advisory
Broken Link
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/17131
Third Party Advisory
VDB Entry
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2004-1464
US Government Resource