CISA KEV 정보
| 취약점명 | Cisco IOS Denial-of-Service Vulnerability |
|---|---|
| 설명 | Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device. |
| 조치사항 | Apply updates per vendor instructions. |
| 랜섬웨어 캠페인 악용 | Unknown |
| 등록일 (KEV) | 2023-05-19 |
| 조치 기한 | 2023-06-09 |
| 추가 참고 | https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040827-telnet; https://nvd.nist.gov/vuln/detail/CVE-2004-1464 |
NVD 상세 정보
CVSS v3.1: 5.9 MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HCVSS v2.0: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P설명: Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.
CWE: CWE-400
참조
- http://secunia.com/advisories/12395/ [Broken Link, Vendor Advisory]
- http://securitytracker.com/id?1011079 [Broken Link, Third Party Advisory, VDB Entry]
- http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtml [Not Applicable, Vendor Advisory]
- http://www.kb.cert.org/vuls/id/384230 [Patch, Third Party Advisory, US Government Resource]
- http://www.securityfocus.com/bid/11060 [Broken Link, Third Party Advisory, VDB Entry]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17131 [Third Party Advisory, VDB Entry]
- http://secunia.com/advisories/12395/ [Broken Link, Vendor Advisory]
- http://securitytracker.com/id?1011079 [Broken Link, Third Party Advisory, VDB Entry]
- http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtml [Not Applicable, Vendor Advisory]
- http://www.kb.cert.org/vuls/id/384230 [Patch, Third Party Advisory, US Government Resource]
- http://www.securityfocus.com/bid/11060 [Broken Link, Third Party Advisory, VDB Entry]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17131 [Third Party Advisory, VDB Entry]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2004-1464
This product uses the NVD API but is not endorsed or certified by the NVD.