Web-based Configuration Utility Vulnerability in Cisco 600 Series Routers
CVE-2001-1065

Currently unrated

Key Information:

Vendor: Cisco
Status: Cbos
Vendor: CVE Published:; 31 August 2001

Summary

The web-based configuration utility in Cisco 600 series routers, operating with CBOS versions 2.0.1 through 2.4.2ap, improperly binds to port 80 even when the web-based configuration services are disabled. This misconfiguration could potentially expose the router to unauthorized access, allowing attackers to exploit the unintentional exposure of the configuration interface.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/7027

vdb-entryx_refsource_XF

http://www.cisco.com/warp/public/707/cisco-cbos-webserver...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability Reserved
Jan 31, 2002
Vulnerability published
Aug 31, 2001