Lucene search

MitreCVE-2001-1065

HistoryFeb 02, 2002 - 5:00 a.m.

CVE-2001-1065

2002-02-0205:00:00

mitre

web.nvd.nist.gov

cisco

router

configuration utility

vulnerability

cve-2001-1065

nvd

web-based configuration

attack exposure.

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

48.8%

JSON

Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack.

Affected configurations

Nvd

Node

ciscocbosRange≤2.4.2ap

ciscocbosMatch2.0.1

VendorProductVersionCPE
ciscocbos*cpe:2.3:o:cisco:cbos:*:*:*:*:*:*:*:*
ciscocbos2.0.1cpe:2.3:o:cisco:cbos:2.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	cbos	*	cpe:2.3:o:cisco:cbos::::::::
cisco	cbos	2.0.1	cpe:2.3:o:cisco:cbos:2.0.1:::::::*

References

www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml

exchange.xforce.ibmcloud.com/vulnerabilities/7027

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

48.8%

JSON

Related for CVE-2001-1065