CVE-2007-4263
published 2007-08-08CVE-2007-4263: Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write…
high8.5CVSS 3.1
AVNACMAuSCCICAC
Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | ios | — | — |
| cisco | ios_secure_copy_authorization | — | — |
GHSA
GHSA-f33g-7p96-3gr2: Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12
ghsa_unreviewed·2022-05-01
CVE-2007-4263 [HIGH] GHSA-f33g-7p96-3gr2: Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12
Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors.
Cisco
Cisco IOS Secure Copy Authorization Bypass Vulnerability
vendor_cisco·2007-08-08·CVSS 6.0
CVE-2007-4263 [MEDIUM] CWE-264 Cisco IOS Secure Copy Authorization Bypass Vulnerability
Cisco IOS Secure Copy Authorization Bypass Vulnerability
The server side of the Secure Copy (SCP) implementation in Cisco
Internetwork Operating System (IOS) contains a vulnerability that allows any
valid user, regardless of privilege level, to transfer files to and from an IOS
device that is configured to be a Secure Copy server. This vulnerability could
allow valid users to retrieve or write to any file on the device's filesystem,
including the device's saved configuration. This configuration file may include
passwords or other sensitive information.
The IOS Secure Copy Server is an optional service that is disabled by
default. Devices that are not specifically configured to enable the IOS Secure
Copy Server service are not affected by this vulnerability.
This vulnerability does not a
Cisco
Cisco IOS Secure Copy Authorization Bypass Vulnerability
vendor_cisco
CVE-2007-4263 Cisco IOS Secure Copy Authorization Bypass Vulnerability
CVE-2007-4263: Cisco IOS Secure Copy Authorization Bypass Vulnerability
The server side of the Secure Copy (SCP) implementation in Cisco Internetwork Operating System (IOS) contains a vulnerability that allows any valid user, regardless of privilege level, to transfer files to and from an IOS device that is configured to be a Secure Copy server. This vulnerability could allow valid users to retrieve or write to any file on the device's filesystem, including the device's saved configuration. This configuration file may include passwords or other sensitive information. The IOS Secure Copy Server is an optional service that is disabled by default. Devices that are not specifically configured to enable the IOS Secure Copy Server service are not affected by this vulnerability. This vulnerabilit
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://osvdb.org/36694http://secunia.com/advisories/26361http://www.cisco.com/warp/public/707/cisco-sa-20070808-scp.shtmlhttp://www.securityfocus.com/bid/25240http://www.securitytracker.com/id?1018534http://www.vupen.com/english/advisories/2007/2817https://exchange.xforce.ibmcloud.com/vulnerabilities/35872https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5542http://osvdb.org/36694http://secunia.com/advisories/26361http://www.cisco.com/warp/public/707/cisco-sa-20070808-scp.shtmlhttp://www.securityfocus.com/bid/25240http://www.securitytracker.com/id?1018534http://www.vupen.com/english/advisories/2007/2817https://exchange.xforce.ibmcloud.com/vulnerabilities/35872https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5542
2007-08-08
Published