CVE-2001-1065Cisco Cbos vulnerability

3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.5%
top 35.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Cbos
Timeline
PublishedAug 31
Latest updateApr 30

Description

Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDcisco/cbos2.4.2ap+1

Patches

Patch: www.cisco.comPatch: www.cisco.com

🔴Vulnerability Details

2
GHSA
GHSA-53qc-j5xc-mw4f: Web-based configuration utility in Cisco 600 series routers running CBOS 22022-04-30
CVEList
CVE-2001-1065: Web-based configuration utility in Cisco 600 series routers running CBOS 22002-02-02
CVE-2001-1065 — Cisco Cbos vulnerability | cvebase