CVE-2004-0044

2004-09-0104:00:00

mitre

www.cve.org

AI Score

7.3

Confidence

Low

EPSS

0.007

Percentile

80.2%

JSON

Cisco Personal Assistant 1.4(1) and 1.4(2) disables password authentication when “Allow Only Cisco CallManager Users” is enabled and the Corporate Directory settings refer to the directory service being used by Cisco CallManager, which allows remote attackers to gain access with a valid username.

References

www.cisco.com/warp/public/707/cisco-sa-20040108-pa.shtml

www.osvdb.org/3430

www.securityfocus.com/bid/9384

exchange.xforce.ibmcloud.com/vulnerabilities/14172