Lucene search

MitreCVE-2004-0650

HistoryAug 06, 2004 - 4:00 a.m.

CVE-2004-0650

2004-08-0604:00:00

mitre

web.nvd.nist.gov

cve

2004

0650

cisco

collaboration server

ccs

servletexec

remote attackers

arbitrary files

uploadservlet

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

High

EPSS

0.02

Percentile

89.0%

JSON

UploadServlet in Cisco Collaboration Server (CCS) running ServletExec before 3.0E allows remote attackers to upload and execute arbitrary files via a direct call to the UploadServlet URL.

Affected configurations

Nvd

Node

newatlantaservletexecMatch2.2

newatlantaservletexecMatch3.0

VendorProductVersionCPE
newatlantaservletexec2.2cpe:2.3:a:newatlanta:servletexec:2.2:*:*:*:*:*:*:*
newatlantaservletexec3.0cpe:2.3:a:newatlanta:servletexec:3.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
newatlanta	servletexec	2.2	cpe:2.3:a:newatlanta:servletexec:2.2:::::::*
newatlanta	servletexec	3.0	cpe:2.3:a:newatlanta:servletexec:3.0:::::::*

References

secunia.com/advisories/11979/

www.cisco.com/warp/public/707/cisco-sa-20040630-CCS.shtml

www.kb.cert.org/vuls/id/718896

www.securityfocus.com/bid/10639

exchange.xforce.ibmcloud.com/vulnerabilities/16553

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

High

EPSS

0.02

Percentile

89.0%

JSON

Related for CVE-2004-0650