Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4747

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-4747
Last Modified 07 Mar 2011 09:59:07
Published 06 Sep 2007 06:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4747

Summary

The telnet service in Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and earlier, Video Surveillance SP/ISP Decoder Software firmware 1.11.0 and earlier, and the Video Surveillance SP/ISP firmware 1.23.7 and earlier does not require authentication, which allows remote attackers to perform administrative actions, aka CSCsj31729.

Vulnerable Systems

Application

  • Cisco Video Surveillance Ip Gateway Encoder Decoder 1.8.1

  • Cisco Video Surveillance Sp Isp Decoder Software 1.11.0


References

XF - cisco-videosurv-telnet-privilege-escalation(36449)

VUPEN - ADV-2007-3061

SECTRACK - 1018655

BID - 25549

CISCO - 20070905 Cisco Video Surveillance IP Gateway and Services Platform Authentication Vulnerabilities

SECUNIA - 26721

OSVDB - 37503


Last Updated: 27 May 2016 10:45:57