CVE-2004-1464
published 2004-12-31CVE-2004-1464: Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection…
PriorityP269medium5.9CVSS 3.1
AVNACHPRNUINSUCNINAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2023-06-09
Exploited in the wild
EPSS
5.13%
91.3th percentile
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | ios | <= 12.2\(15\)zj3 | — |
| cisco | telnet | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for sudden loss of VTY access (Telnet, SSH, RSH, HTTP) to Cisco IOS devices while packet forwarding and routing protocols remain operational — this asymmetry is a strong indicator of active exploitation. ↗
- →Track impact on DLSw and protocol translation connections in addition to standard management plane protocols, as these may also be blocked by exploitation. ↗
- ·Only new management sessions are blocked; sessions established before exploitation remain active and unaffected. ↗
- ·HTTP management access may also be blocked in some cases, broadening the management plane impact beyond just terminal-based protocols. ↗
CVSS provenance
nvdv3.15.9MEDIUMCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vulncheck5.9MEDIUM
cisa5.9MEDIUM
vendor_cisco5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA
Cisco IOS Denial-of-Service Vulnerability
cisa·2023-05-19·CVSS 5.9
CVE-2004-1464 [MEDIUM] Cisco IOS Denial-of-Service Vulnerability
Vulnerability: Cisco IOS Denial-of-Service Vulnerability
Affected: Cisco IOS
Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device.
Required Action: Apply updates per vendor instructions.
Notes: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040827-telnet; https://nvd.nist.gov/vuln/detail/CVE-2004-1464
Remediation Due Date: 2023-06-09
Cisco
Cisco Telnet Denial of Service Vulnerability
vendor_cisco·2004-08-27·CVSS 5.0
CVE-2004-1464 [MEDIUM] CWE-399 Cisco Telnet Denial of Service Vulnerability
Cisco Telnet Denial of Service Vulnerability
A specifically crafted Transmission Control Protocol (TCP) connection
to a telnet or reverse telnet port of a Cisco device running Internetwork
Operating System (IOS)�� may block further telnet,
reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases
Hypertext Transport Protocol (HTTP) access to the Cisco device. Data Link
Switching (DLSw) and protocol translation connections may also be affected.
Telnet, reverse telnet, RSH, SSH, DLSw and protocol translation sessions
established prior to exploitation are not affected.
All other device services will operate normally. Services such as
packet forwarding (excluding DLSw and protocol translation per above), routing
protocols and all other communication to and through the device
Cisco
Cisco Telnet Denial of Service Vulnerability
vendor_cisco
CVE-2004-1464 Cisco Telnet Denial of Service Vulnerability
CVE-2004-1464: Cisco Telnet Denial of Service Vulnerability
A specifically crafted Transmission Control Protocol (TCP) connection to a telnet or reverse telnet port of a Cisco device running Internetwork Operating System (IOS) ?? may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases Hypertext Transport Protocol (HTTP) access to the Cisco device. Data Link Switching (DLSw) and protocol translation connections may also be affected. Telnet, reverse telnet, RSH, SSH, DLSw and protocol translation sessions established prior to exploitation are not affected. All other device services will operate normally. Services such as packet forwarding (excluding DLSw and protocol translation per above), routing protocols and all other communication to and throu
VulDB
Cisco IOS up to 12.0(3) Telnet TCP Connection denial of service (VU#384230 / EUVD-2004-1458)
vuldb·2026-04-22·CVSS 5.9
CVE-2004-1464 [MEDIUM] Cisco IOS up to 12.0(3) Telnet TCP Connection denial of service (VU#384230 / EUVD-2004-1458)
A vulnerability classified as critical has been found in Cisco IOS up to 12.0(3). This affects an unknown function of the component Telnet TCP Connection Handler. This manipulation causes denial of service.
This vulnerability is handled as CVE-2004-1464. The attack can be initiated remotely. Additionally, an exploit exists.
It is advisable to implement restrictive firewalling.
GHSA
GHSA-7757-mj68-c29v: Cisco IOS 12
ghsa_unreviewed·2022-04-29
CVE-2004-1464 [MEDIUM] CWE-400 GHSA-7757-mj68-c29v: Cisco IOS 12
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.
VulnCheck
Cisco IOS Denial-of-Service Vulnerability
vulncheck·2004·CVSS 5.9
CVE-2004-1464 [MEDIUM] Cisco IOS Denial-of-Service Vulnerability
Cisco IOS Denial-of-Service Vulnerability
Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device.
Affected: Cisco IOS Software
Required Action: Apply updates per vendor instructions.
Exploitation References: https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20040827-telnet.html; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Remediation Due: 2023-06-09
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/12395/http://securitytracker.com/id?1011079http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtmlhttp://www.kb.cert.org/vuls/id/384230http://www.securityfocus.com/bid/11060https://exchange.xforce.ibmcloud.com/vulnerabilities/17131http://secunia.com/advisories/12395/http://securitytracker.com/id?1011079http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtmlhttp://www.kb.cert.org/vuls/id/384230http://www.securityfocus.com/bid/11060https://exchange.xforce.ibmcloud.com/vulnerabilities/17131https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2004-1464
2004-12-31
Published
2023-05-19
Added to CISA KEV
Exploited in the wild