{"api_version":"1","generated_at":"2026-04-24T11:48:59+00:00","cve":"CVE-2004-1464","urls":{"html":"https://cve.report/CVE-2004-1464","api":"https://cve.report/api/cve/CVE-2004-1464.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2004-1464","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2004-1464"},"summary":{"title":"CVE-2004-1464","description":"Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.","state":"PUBLISHED","assigner":"mitre","published_at":"2004-12-31 05:00:00","updated_at":"2026-04-16 14:03:22"},"problem_types":["CWE-400","n/a","CWE-400 CWE-400 Uncontrolled Resource Consumption"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"5.9","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"3.1","source":"ADP","type":"DECLARED","score":"5.9","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":5.9,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"5.9","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5","severity":"","vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtml","name":"http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable","Vendor Advisory"],"title":"Cisco - Networking, Cloud, and Cybersecurity Solutions","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1011079","name":"http://securitytracker.com/id?1011079","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"],"title":"Cisco IOS Telnet and Reverse Telnet TCP Bug Lets Remote Users Deny Subsequent Management Terminal Connections - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.kb.cert.org/vuls/id/384230","name":"http://www.kb.cert.org/vuls/id/384230","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory","US Government Resource"],"title":"VU#384230 - Cisco IOS fails to properly handle telnet connections","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2004-1464","name":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2004-1464","refsource":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"http://www.securityfocus.com/bid/11060","name":"http://www.securityfocus.com/bid/11060","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"],"title":"Cisco IOS Telnet Service Remote Denial of Service Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://secunia.com/advisories/12395/","name":"http://secunia.com/advisories/12395/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"],"title":"Secunia - Advisories - Cisco IOS Telnet Service Denial of Service Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17131","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17131","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2004-1464","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2004-1464","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[{"source":"ADP","time":"2023-05-19T00:00:00.000Z","lang":"en","value":"CVE-2004-1464 added to CISA KEV"}],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2004","cve_id":"1464","vulnerable":"1","versionEndIncluding":"12.2\\(15\\)zj3","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"cisco","cpe5":"ios","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":{"cve_year":"2004","cve_id":"1464","cve":"CVE-2004-1464","vendorProject":"Cisco","product":"IOS","vulnerabilityName":"Cisco IOS Denial-of-Service Vulnerability","dateAdded":"2023-05-19","shortDescription":"Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device.","requiredAction":"Apply updates per vendor instructions.","dueDate":"2023-06-09","knownRansomwareCampaignUse":"Unknown","notes":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040827-telnet; https://nvd.nist.gov/vuln/detail/CVE-2004-1464","cwes":"","catalogVersion":"2026.04.23","updated_at":"2026-04-23 17:27:11"},"epss":{"cve_year":"2004","cve_id":"1464","cve":"CVE-2004-1464","epss":"0.024110000","percentile":"0.851440000","score_date":"2026-04-23","updated_at":"2026-04-24 00:02:52"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-08T00:53:23.947Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"cisco-ios-telnet-dos(17131)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17131"},{"name":"1011079","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1011079"},{"name":"VU#384230","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"http://www.kb.cert.org/vuls/id/384230"},{"name":"12395","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/12395/"},{"name":"20040827 Cisco Telnet Denial of Service Vulnerability","tags":["vendor-advisory","x_refsource_CISCO","x_transferred"],"url":"http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtml"},{"name":"11060","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/11060"}],"title":"CVE Program Container"},{"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":5.9,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},{"other":{"content":{"id":"CVE-2004-1464","options":[{"Exploitation":"active"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2025-02-07T14:29:07.632839Z","version":"2.0.3"},"type":"ssvc"}},{"other":{"content":{"dateAdded":"2023-05-19","reference":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2004-1464"},"type":"kev"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-400","description":"CWE-400 Uncontrolled Resource Consumption","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2025-10-22T00:05:57.162Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"references":[{"tags":["government-resource"],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2004-1464"}],"timeline":[{"lang":"en","time":"2023-05-19T00:00:00.000Z","value":"CVE-2004-1464 added to CISA KEV"}],"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2004-08-27T00:00:00.000Z","descriptions":[{"lang":"en","value":"Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-10T14:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"cisco-ios-telnet-dos(17131)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17131"},{"name":"1011079","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1011079"},{"name":"VU#384230","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"http://www.kb.cert.org/vuls/id/384230"},{"name":"12395","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/12395/"},{"name":"20040827 Cisco Telnet Denial of Service Vulnerability","tags":["vendor-advisory","x_refsource_CISCO"],"url":"http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtml"},{"name":"11060","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/11060"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2004-1464","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"cisco-ios-telnet-dos(17131)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17131"},{"name":"1011079","refsource":"SECTRACK","url":"http://securitytracker.com/id?1011079"},{"name":"VU#384230","refsource":"CERT-VN","url":"http://www.kb.cert.org/vuls/id/384230"},{"name":"12395","refsource":"SECUNIA","url":"http://secunia.com/advisories/12395/"},{"name":"20040827 Cisco Telnet Denial of Service Vulnerability","refsource":"CISCO","url":"http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtml"},{"name":"11060","refsource":"BID","url":"http://www.securityfocus.com/bid/11060"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2004-1464","datePublished":"2005-02-13T05:00:00.000Z","dateReserved":"2005-02-13T00:00:00.000Z","dateUpdated":"2025-10-22T00:05:57.162Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2004-12-31 05:00:00","lastModifiedDate":"2026-04-16 14:03:22","problem_types":["CWE-400","n/a","CWE-400 CWE-400 Uncontrolled Resource Consumption"],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*","versionEndIncluding":"12.2\\(15\\)zj3","matchCriteriaId":"38FF1890-4ED2-4190-8D9F-0DF93AD1C894"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2004","CveId":"1464","Ordinal":"1","Title":"CVE-2004-1464","CVE":"CVE-2004-1464","Year":"2004"},"notes":[{"CveYear":"2004","CveId":"1464","Ordinal":"1","NoteData":"Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.","Type":"Description","Title":"CVE-2004-1464"},{"CveYear":"2004","CveId":"1464","Ordinal":"2","NoteData":"2005-02-13","Type":"Other","Title":"Published"},{"CveYear":"2004","CveId":"1464","Ordinal":"3","NoteData":"2017-07-10","Type":"Other","Title":"Modified"}]}}}