Vulnerabilities > CVE-2006-2166 - Privilege Escalation vulnerability in Cisco Unity Express Expired Password
Attack vector
NETWORK Attack complexity
HIGH Privileges required
SINGLE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 | |
Hardware | 1 |
References
- http://secunia.com/advisories/19881
- http://securitytracker.com/id?1016015
- http://www.cisco.com/warp/public/707/cisco-sa-20060501-cue.shtml
- http://www.osvdb.org/25165
- http://www.securityfocus.com/bid/17775
- http://www.vupen.com/english/advisories/2006/1613
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26165