Lucene search

CiscoCISCO-SA-20081008-UNITY

HistoryOct 08, 2008 - 4:00 p.m.

Authentication Bypass in Cisco Unity

2008-10-0816:00:00

tools.cisco.com

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

EPSS

0.006

Percentile

78.1%

JSON

A vulnerability exists in Cisco Unity that could allow an unauthenticated user to view or modify some of the configuration parameters of the Cisco Unity server. Cisco has released software updates that address this vulnerabilities. A workaround that mitigates this vulnerability is available.

This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20081008-unity [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20081008-unity”].

Affected configurations

Vulners

Node

ciscounityMatchany

VendorProductVersionCPE
ciscounityanycpe:2.3:a:cisco:unity:any:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unity	any	cpe:2.3:a:cisco:unity:any:::::::*

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20081008-unity

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

EPSS

0.006

Percentile

78.1%

JSON

Related for CISCO-SA-20081008-UNITY