CVE-2004-1464

MEDIUM KEV

Cisco Ios < 12.2\(15\)zj3 - Denial of Service

Title source: rule

Description

Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.

References (7)

[Broken Link, Vendor Advisory] http://secunia.com/advisories/12395/

[Broken Link, Third Party Advisory, VDB Entry] http://securitytracker.com/id?1011079

[Not Applicable, Vendor Advisory] http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtml

[Patch, Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/384230

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/11060

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/17131

[Third Party Advisory, US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2004-1464

Scores

CVSS v3 5.9

EPSS 0.0170

EPSS Percentile 82.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitation Intel

CISA KEV 2023-05-19

VulnCheck KEV 2006-08-27

InTheWild.io 2023-05-19

ENISA EUVD EUVD-2004-1458

Classification

CWE

CWE-400

Status draft

Affected Products (1)

cisco/ios < 12.2\(15\)zj3

Timeline

Published Dec 31, 2004

KEV Added May 19, 2023

Tracked Since Feb 18, 2026