7.5

CVE-2004-1322

Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoUnity Server Version2.0
CiscoUnity Server Version2.1
CiscoUnity Server Version2.2
CiscoUnity Server Version2.3
CiscoUnity Server Version2.4
CiscoUnity Server Version2.46
CiscoUnity Server Version3.0
CiscoUnity Server Version3.1
CiscoUnity Server Version3.2
CiscoUnity Server Version3.3
CiscoUnity Server Version4.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.45% 0.823
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.ciac.org/ciac/bulletins/p-060.shtml
Patch
Vendor Advisory
http://www.cisco.com/warp/public/707/cisco-sa-20041215-unity.shtml
Patch
Vendor Advisory
http://www.securityfocus.com/bid/11954
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18489