Vulnerabilities > CVE-2006-2166 - Unspecified vulnerability in Cisco Unity Express and Unity Express Software
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 | |
| Hardware | 1 |
References
- http://secunia.com/advisories/19881
- http://secunia.com/advisories/19881
- http://securitytracker.com/id?1016015
- http://securitytracker.com/id?1016015
- http://www.cisco.com/warp/public/707/cisco-sa-20060501-cue.shtml
- http://www.cisco.com/warp/public/707/cisco-sa-20060501-cue.shtml
- http://www.osvdb.org/25165
- http://www.osvdb.org/25165
- http://www.securityfocus.com/bid/17775
- http://www.securityfocus.com/bid/17775
- http://www.vupen.com/english/advisories/2006/1613
- http://www.vupen.com/english/advisories/2006/1613
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26165
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26165