Lucene search

MitreCVE-2001-0757

HistoryMar 09, 2002 - 5:00 a.m.

CVE-2001-0757

2002-03-0905:00:00

mitre

web.nvd.nist.gov

cisco

access concentrator

nrp2

vty

password protection

unauthorized access

telnet

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

0.035

Percentile

91.6%

JSON

Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC card does not properly disable access when a password has not been set for vtys, which allows remote attackers to obtain access via telnet.

Affected configurations

Nvd

Node

cisco6400_nrp_2Match12.1dc

VendorProductVersionCPE
cisco6400_nrp_212.1dccpe:2.3:h:cisco:6400_nrp_2:12.1dc:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	6400_nrp_2	12.1dc	cpe:2.3:h:cisco:6400_nrp_2:12.1dc:::::::*

References

www.ciac.org/ciac/bulletins/l-097.shtml

www.cisco.com/warp/public/707/6400-nrp2-telnet-vuln-pub.shtml

www.kb.cert.org/vuls/id/516659

www.osvdb.org/804

www.securityfocus.com/bid/2874

exchange.xforce.ibmcloud.com/vulnerabilities/6691

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

0.035

Percentile

91.6%

JSON

Related for CVE-2001-0757