Cyber Resilience

CVE-2004-1464

MediumCISA KEVActive ExploitationEUVD ExploitedDDoS

Published: 31 December 2004

Published
31 December 2004
Modified
16 April 2026
KEV Added
19 May 2023
Patch
CVSS Score v3.1 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score 0.0220 84.8th percentile
Risk Priority 33 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2004-1464 is a medium-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Cisco Ios. Its CVSS base score is 5.9 (Medium).

Operationally, ranked in the top 15.2% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-7 (Boundary Protection) and SI-2 (Flaw Remediation).

Deeper analysis

Cisco IOS versions 12.2(15) and earlier are affected by a vulnerability that allows remote attackers to trigger a denial of service by sending a crafted TCP connection to the Telnet or reverse Telnet port, resulting in refused VTY virtual terminal connections. The flaw is tracked as CWE-400 and assigned a CVSS 3.1 score of 5.9 reflecting network attack vector, high complexity, and high impact to availability with no impact to confidentiality or integrity.

An unauthenticated attacker with network reachability can open a specially formed TCP session to the Telnet service and thereby exhaust connection resources, blocking subsequent legitimate administrative access via VTY lines.

Vendor and third-party advisories, including the Cisco security advisory published in August 2004, direct administrators to apply the corresponding IOS software updates that correct Telnet session handling and to restrict exposure of the service where possible through access controls.

EU & UK References

Vulnerability details

Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.

CWE(s)
KEV Date Added
19 May 2023

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

cisco
ios
≤ 12.2\(15\)zj3

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires applying the vendor IOS software updates that correct the Telnet session-handling flaw described in the CVE.

prevent

Enforces boundary controls that restrict network exposure of the Telnet/reverse-Telnet ports to only authorized addresses, blocking the unauthenticated crafted-TCP DoS vector.

AC-17 Remote Access partial match
prevent

Requires explicit authorization and control of remote CLI access methods such as Telnet, limiting the attack surface that the CVE exploits.

References