CVE-2007-4747

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2007-4747
The telnet service in Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and earlier, Video Surveillance SP/ISP Decoder Software firmware 1.11.0 and earlier, and the Video Surveillance SP/ISP firmware 1.23.7 and earlier does not require authentication, which allows remote attackers to perform administrative actions, aka CSCsj31729.

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://osvdb.org/37503
http://secunia.com/advisories/26721 Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a00808b4d38.shtml Vendor Advisory
http://www.securityfocus.com/bid/25549
http://www.securitytracker.com/id?1018655
http://www.vupen.com/english/advisories/2007/3061
https://exchange.xforce.ibmcloud.com/vulnerabilities/36449
http://osvdb.org/37503
http://secunia.com/advisories/26721 Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a00808b4d38.shtml Vendor Advisory
http://www.securityfocus.com/bid/25549
http://www.securitytracker.com/id?1018655
http://www.vupen.com/english/advisories/2007/3061
https://exchange.xforce.ibmcloud.com/vulnerabilities/36449
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:video_surveillance_ip_gateway_encoder_decoder:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_sp_isp_decoder_software:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:video_surveillance_sp_isp:*:*:*:*:*:*:*:*
History

21 Nov 2024, 00:36

Type Values Removed Values Added
References () http://osvdb.org/37503 - () http://osvdb.org/37503 -
References () http://secunia.com/advisories/26721 - Vendor Advisory () http://secunia.com/advisories/26721 - Vendor Advisory
References () http://www.cisco.com/en/US/products/products_security_advisory09186a00808b4d38.shtml - Vendor Advisory () http://www.cisco.com/en/US/products/products_security_advisory09186a00808b4d38.shtml - Vendor Advisory
References () http://www.securityfocus.com/bid/25549 - () http://www.securityfocus.com/bid/25549 -
References () http://www.securitytracker.com/id?1018655 - () http://www.securitytracker.com/id?1018655 -
References () http://www.vupen.com/english/advisories/2007/3061 - () http://www.vupen.com/english/advisories/2007/3061 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/36449 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/36449 -
Information

Published : 2007-09-06 22:17

Updated : 2024-11-21 00:36

NVD link : CVE-2007-4747

Mitre link : CVE-2007-4747

CVE.ORG link : CVE-2007-4747

JSON object : View

Products Affected

cisco

  • video_surveillance_sp_isp
  • video_surveillance_sp_isp_decoder_software
  • video_surveillance_ip_gateway_encoder_decoder
CWE
CWE-287

Improper Authentication