Lucene search

MitreCVE-2007-4747

HistorySep 06, 2007 - 10:17 p.m.

CVE-2007-4747

2007-09-0622:17:00

CWE-287

mitre

web.nvd.nist.gov

cisco

video surveillance

ip gateway

encoder

decoder

authentication

remote attack

vulnerability

cscsj31729

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

Low

EPSS

0.02

Percentile

89.0%

JSON

The telnet service in Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and earlier, Video Surveillance SP/ISP Decoder Software firmware 1.11.0 and earlier, and the Video Surveillance SP/ISP firmware 1.23.7 and earlier does not require authentication, which allows remote attackers to perform administrative actions, aka CSCsj31729.

Affected configurations

Nvd

Node

ciscovideo_surveillance_ip_gateway_encoder_decoderRange≤1.8.1

ciscovideo_surveillance_sp_isp_decoder_softwareRange≤1.11.0

ciscovideo_surveillance_sp_ispRange≤1.23.7

VendorProductVersionCPE
ciscovideo_surveillance_ip_gateway_encoder_decoder*cpe:2.3:a:cisco:video_surveillance_ip_gateway_encoder_decoder:*:*:*:*:*:*:*:*
ciscovideo_surveillance_sp_isp_decoder_software*cpe:2.3:a:cisco:video_surveillance_sp_isp_decoder_software:*:*:*:*:*:*:*:*
ciscovideo_surveillance_sp_isp*cpe:2.3:h:cisco:video_surveillance_sp_isp:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	video_surveillance_ip_gateway_encoder_decoder	*	cpe:2.3:a:cisco:video_surveillance_ip_gateway_encoder_decoder::::::::
cisco	video_surveillance_sp_isp_decoder_software	*	cpe:2.3:a:cisco:video_surveillance_sp_isp_decoder_software::::::::
cisco	video_surveillance_sp_isp	*	cpe:2.3:h:cisco:video_surveillance_sp_isp::::::::

References

osvdb.org/37503

secunia.com/advisories/26721

www.cisco.com/en/US/products/products_security_advisory09186a00808b4d38.shtml

www.securityfocus.com/bid/25549

www.securitytracker.com/id?1018655

www.vupen.com/english/advisories/2007/3061

exchange.xforce.ibmcloud.com/vulnerabilities/36449

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

Low

EPSS

0.02

Percentile

89.0%

JSON

Related for CVE-2007-4747