CVE-2004-1760

Cisco Emergency Responder - Unauthenticated Administrator Access via IBM Director Agent

Title source: llm
STIX 2.1

Description

The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.

References (8)

Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/14900
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/3692
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/10696
Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/602734
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1008814
Patch, Vendor Advisory vendor-advisory x_refsource_cisco
http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml
Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9468
Third Party Advisory, US Government Resource third-party-advisory government-resource x_refsource_ciac
http://www.ciac.org/ciac/bulletins/o-066.shtml

Scores

EPSS 0.0380
EPSS Percentile 88.7%

Details

CWE
CWE-287
Status published
Products (34)
cisco/call_manager 1.0
cisco/call_manager 2.0
cisco/call_manager 3.0
cisco/call_manager 3.1
cisco/call_manager 3.1\(2\)
cisco/call_manager 3.1\(3a\)
cisco/call_manager 3.2
cisco/call_manager 3.3
cisco/call_manager 3.3\(3\)
cisco/call_manager 4.0
... and 24 more
Published Jan 21, 2004
Tracked Since Feb 18, 2026