Unrated severityNVD Advisory· Published Jan 21, 2004· Updated Apr 16, 2026

CVE-2004-1760

Description

The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.

Affected products

Cisco Systems, Inc./Emergency Responder
cpe:2.3:a:cisco:emergency_responder:1.1:*:*:*:*:*:*:*
Cisco Systems, Inc./Ip Call Center Express Enhanced
cpe:2.3:a:cisco:ip_call_center_express_enhanced:3.0:*:*:*:*:*:*:*
Cisco Systems, Inc./Ip Call Center Express Standard
cpe:2.3:a:cisco:ip_call_center_express_standard:3.0:*:*:*:*:*:*:*
Cisco Systems, Inc./Ip Interactive Voice Response
cpe:2.3:a:cisco:ip_interactive_voice_response:3.0:*:*:*:*:*:*:*
Cisco Systems, Inc./Personal Assistant6 versions
cpe:2.3:a:cisco:personal_assistant:1.3\(1\):*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:cisco:personal_assistant:1.3\(1\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:personal_assistant:1.3\(2\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:personal_assistant:1.3\(3\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:personal_assistant:1.3\(4\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:personal_assistant:1.4\(1\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:personal_assistant:1.4\(2\):*:*:*:*:*:*:*
IBM/Director Agent2 versions
cpe:2.3:a:ibm:director_agent:2.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:director_agent:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:director_agent:3.11:*:*:*:*:*:*:*
Cisco Systems, Inc./Call Manager10 versions
cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:2.0:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:3.0:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:3.1:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:3.1\(2\):*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:3.1\(3a\):*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:3.3\(3\):*:*:*:*:*:*:*
- cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*
Cisco Systems, Inc./Internet Service Node
cpe:2.3:h:cisco:internet_service_node:*:*:*:*:*:*:*:*
IBM/Mcs 7815 1000
cpe:2.3:h:ibm:mcs-7815-1000:*:*:*:*:*:*:*:*
IBM/Mcs 7815i 2.0
cpe:2.3:h:ibm:mcs-7815i-2.0:*:*:*:*:*:*:*:*
IBM/Mcs 7835i 2.4
cpe:2.3:h:ibm:mcs-7835i-2.4:*:*:*:*:*:*:*:*
IBM/Mcs 7835i 3.0
cpe:2.3:h:ibm:mcs-7835i-3.0:*:*:*:*:*:*:*:*
IBM/X3302 versions
cpe:2.3:h:ibm:x330:8654:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:ibm:x330:8654:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:x330:8674:*:*:*:*:*:*:*
IBM/X340
cpe:2.3:h:ibm:x340:*:*:*:*:*:*:*:*
IBM/X342
cpe:2.3:h:ibm:x342:*:*:*:*:*:*:*:*
IBM/X345
cpe:2.3:h:ibm:x345:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Conference Connection2 versions
cpe:2.3:o:cisco:conference_connection:1.1\(1\):*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:cisco:conference_connection:1.1\(1\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:conference_connection:1.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/10696nvdPatchVendor Advisory
www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtmlnvdPatchVendor Advisory
www.kb.cert.org/vuls/id/602734nvdPatchThird Party AdvisoryUS Government Resource
www.securityfocus.com/bid/9468nvdPatchVendor Advisory
www.ciac.org/ciac/bulletins/o-066.shtmlnvd
www.osvdb.org/3692nvd
www.securitytracker.com/idnvd
exchange.xforce.ibmcloud.com/vulnerabilities/14900nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.008
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000