CVE-2004-1322

Опубликовано: 15 дек. 2004

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages.

Ссылки

http://www.ciac.org/ciac/bulletins/p-060.shtml
Patch
Vendor Advisory
http://www.cisco.com/warp/public/707/cisco-sa-20041215-unity.shtml
Patch
Vendor Advisory
http://www.securityfocus.com/bid/11954
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18489
http://www.ciac.org/ciac/bulletins/p-060.shtml
Patch
Vendor Advisory
http://www.cisco.com/warp/public/707/cisco-sa-20041215-unity.shtml
Patch
Vendor Advisory
http://www.securityfocus.com/bid/11954
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18489

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:cisco:unity_server:2.0:*:*:*:*:*:*:*

cpe:2.3:h:cisco:unity_server:2.1:*:*:*:*:*:*:*

cpe:2.3:h:cisco:unity_server:2.2:*:*:*:*:*:*:*

cpe:2.3:h:cisco:unity_server:2.3:*:*:*:*:*:*:*

cpe:2.3:h:cisco:unity_server:2.4:*:*:*:*:*:*:*

cpe:2.3:h:cisco:unity_server:2.46:*:*:*:*:*:*:*

cpe:2.3:h:cisco:unity_server:3.0:*:*:*:*:*:*:*

cpe:2.3:h:cisco:unity_server:3.1:*:*:*:*:*:*:*

cpe:2.3:h:cisco:unity_server:3.2:*:*:*:*:*:*:*

cpe:2.3:h:cisco:unity_server:3.3:*:*:*:*:*:*:*

cpe:2.3:h:cisco:unity_server:4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00784

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-h5m8-348v-5qmc

github

больше 3 лет назад