CVE-2004-1759

CWE-3993 documents3 sources

Severity

5.0MEDIUM

EPSS

3.7%

top 11.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Call Manager Cisco Conference Connection Cisco Emergency Responder +6 more

Timeline

PublishedJan 21

Latest updateApr 29

Description

Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages9 packages

▶NVDibm/director_agent2.2, 3.11+1

▶NVDcisco/ip_interactive_voice_response3.0

▶NVDcisco/call_manager10 versions+9

▶NVDcisco/personal_assistant6 versions+5

▶NVDcisco/emergency_responder1.1

Patches

Patch: secunia.com ↗Patch: www.cisco.com ↗Patch: www.kb.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-qr7r-whq7-5ffv: Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000↗2022-04-29

▶

CVEList

CVE-2004-1759: Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000↗2005-03-10

▶