Vulnerabilities > CVE-2004-0044 - Unspecified vulnerability in Cisco Personal Assistant 1.4(1)/1.4(2)
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Cisco Personal Assistant 1.4(1) and 1.4(2) disables password authentication when "Allow Only Cisco CallManager Users" is enabled and the Corporate Directory settings refer to the directory service being used by Cisco CallManager, which allows remote attackers to gain access with a valid username.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |