CVE-2004-1464 — MEDIUM (5.9)

Q: What is CVE-2004-1464?

CVE-2004-1464 is a vulnerability with a CVSS score of 5.9 (MEDIUM). Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.

Q: How severe is CVE-2004-1464?

CVE-2004-1464 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2004-1464?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios.

Vulnerability Description

Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.

CVSS Score

5.9

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Cisco	Ios	<= 12.2\(15\)zj3

Related Weaknesses (CWE)

CWE-400

References

http://secunia.com/advisories/12395/Broken LinkVendor Advisory
http://securitytracker.com/id?1011079Broken LinkThird Party AdvisoryVDB Entry
http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtmlNot ApplicableVendor Advisory
http://www.kb.cert.org/vuls/id/384230PatchThird Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/11060Broken LinkThird Party AdvisoryVDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/17131Third Party AdvisoryVDB Entry
http://secunia.com/advisories/12395/Broken LinkVendor Advisory
http://securitytracker.com/id?1011079Broken LinkThird Party AdvisoryVDB Entry
http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtmlNot ApplicableVendor Advisory
http://www.kb.cert.org/vuls/id/384230PatchThird Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/11060Broken LinkThird Party AdvisoryVDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/17131Third Party AdvisoryVDB Entry
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2004-US Government Resource

FAQ

What is CVE-2004-1464?

CVE-2004-1464 is a vulnerability with a CVSS score of 5.9 (MEDIUM). Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.

How severe is CVE-2004-1464?

CVE-2004-1464 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2004-1464?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios.