Описание
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:emergency_responder:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ip_call_center_express_enhanced:3.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ip_call_center_express_standard:3.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ip_interactive_voice_response:3.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:personal_assistant:1.3\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:personal_assistant:1.3\(2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:personal_assistant:1.3\(3\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:personal_assistant:1.3\(4\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:personal_assistant:1.4\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:personal_assistant:1.4\(2\):*:*:*:*:*:*:*
cpe:2.3:a:ibm:director_agent:2.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:director_agent:3.11:*:*:*:*:*:*:*
cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*
cpe:2.3:h:cisco:call_manager:2.0:*:*:*:*:*:*:*
cpe:2.3:h:cisco:call_manager:3.0:*:*:*:*:*:*:*
cpe:2.3:h:cisco:call_manager:3.1:*:*:*:*:*:*:*
cpe:2.3:h:cisco:call_manager:3.1\(2\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:call_manager:3.1\(3a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*
cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*
cpe:2.3:h:cisco:call_manager:3.3\(3\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*
cpe:2.3:h:cisco:internet_service_node:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:cisco:conference_connection:1.1\(1\):*:*:*:*:*:*:*
cpe:2.3:o:cisco:conference_connection:1.2:*:*:*:*:*:*:*
Конфигурация 3
Одно из
cpe:2.3:h:ibm:mcs-7815-1000:*:*:*:*:*:*:*:*
cpe:2.3:h:ibm:mcs-7815i-2.0:*:*:*:*:*:*:*:*
cpe:2.3:h:ibm:mcs-7835i-2.4:*:*:*:*:*:*:*:*
cpe:2.3:h:ibm:mcs-7835i-3.0:*:*:*:*:*:*:*:*
cpe:2.3:h:ibm:x330:8654:*:*:*:*:*:*:*
cpe:2.3:h:ibm:x330:8674:*:*:*:*:*:*:*
cpe:2.3:h:ibm:x340:*:*:*:*:*:*:*:*
cpe:2.3:h:ibm:x342:*:*:*:*:*:*:*:*
cpe:2.3:h:ibm:x345:*:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.10091
Средний
10 Critical
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
почти 4 года назад
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.
EPSS
Процентиль: 93%
0.10091
Средний
10 Critical
CVSS2
Дефекты
CWE-287