Описание
Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:unity_express_software:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unity_express_software:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unity_express_software:2.2.2:*:*:*:*:*:*:*
cpe:2.3:h:cisco:unity_express:*:*:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00496
Низкий
2.1 Low
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password.
EPSS
Процентиль: 65%
0.00496
Низкий
2.1 Low
CVSS2
Дефекты
NVD-CWE-Other