Vulnerability Details : CVE-2004-1760
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.
Vulnerability category: BypassGain privilege
Exploit prediction scoring system (EPSS) score for CVE-2004-1760
Probability of exploitation activity in the next 30 days: 1.13%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 84 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2004-1760
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2004-1760
-
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.Assigned by: nvd@nist.gov (Primary)
References for CVE-2004-1760
-
http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml
Patch;Vendor Advisory
- http://www.securitytracker.com/id?1008814
-
http://www.securityfocus.com/bid/9468
Patch;Vendor Advisory
-
http://www.kb.cert.org/vuls/id/602734
Patch;Third Party Advisory;US Government Resource
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/14900
- http://www.ciac.org/ciac/bulletins/o-066.shtml
Products affected by CVE-2004-1760
- cpe:2.3:a:ibm:director_agent:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:director_agent:3.11:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:mcs-7815-1000:*:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:mcs-7815i-2.0:*:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:mcs-7835i-2.4:*:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:mcs-7835i-3.0:*:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:x330:8654:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:x330:8674:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:x340:*:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:x342:*:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:x345:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:3.0:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:3.1:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:3.1\(2\):*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:3.1\(3a\):*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:2.0:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:3.3\(3\):*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:emergency_responder:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:ip_call_center_express_enhanced:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:ip_call_center_express_standard:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:ip_interactive_voice_response:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:personal_assistant:1.4\(1\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:personal_assistant:1.4\(2\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:personal_assistant:1.3\(3\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:personal_assistant:1.3\(4\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:personal_assistant:1.3\(1\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:personal_assistant:1.3\(2\):*:*:*:*:*:*:*
- cpe:2.3:h:cisco:internet_service_node:*:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:conference_connection:1.1\(1\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:conference_connection:1.2:*:*:*:*:*:*:*