CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
78.1%
Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to bypass authentication and read or modify system configuration parameters by going to a specific link more than once.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | unity | 4.0 | cpe:2.3:a:cisco:unity:4.0:*:*:*:*:*:*:* |
cisco | unity | 4.0(1) | cpe:2.3:a:cisco:unity:4.0\(1\):*:*:*:*:*:*:* |
cisco | unity | 4.0(2) | cpe:2.3:a:cisco:unity:4.0\(2\):*:*:*:*:*:*:* |
cisco | unity | 4.0(3) | cpe:2.3:a:cisco:unity:4.0\(3\):*:*:*:*:*:*:* |
cisco | unity | 4.0(3) | cpe:2.3:a:cisco:unity:4.0\(3\):sr1:*:*:*:*:*:* |
cisco | unity | 4.0(4) | cpe:2.3:a:cisco:unity:4.0\(4\):*:*:*:*:*:*:* |
cisco | unity | 4.0(4) | cpe:2.3:a:cisco:unity:4.0\(4\):sr1:*:*:*:*:*:* |
cisco | unity | 4.0(5) | cpe:2.3:a:cisco:unity:4.0\(5\):*:*:*:*:*:*:* |
cisco | unity | 4.1(1) | cpe:2.3:a:cisco:unity:4.1\(1\):*:*:*:*:*:*:* |
cisco | unity | 4.2(1) | cpe:2.3:a:cisco:unity:4.2\(1\):*:*:*:*:*:*:* |
secunia.com/advisories/32187
www.cisco.com/en/US/products/products_security_advisory09186a0080a0d85f.shtml
www.cisco.com/en/US/products/products_security_response09186a0080a0d861.html
www.securityfocus.com/bid/31638
www.securityfocus.com/bid/31642
www.securitytracker.com/id?1021011
www.voipshield.com/research-details.php?id=126
www.vupen.com/english/advisories/2008/2771
exchange.xforce.ibmcloud.com/vulnerabilities/45741