CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:S/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
75.7%
Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | unity_express_software | 1.1.1 | cpe:2.3:a:cisco:unity_express_software:1.1.1:*:*:*:*:*:*:* |
cisco | unity_express_software | 2.1.1 | cpe:2.3:a:cisco:unity_express_software:2.1.1:*:*:*:*:*:*:* |
cisco | unity_express_software | 2.2.2 | cpe:2.3:a:cisco:unity_express_software:2.2.2:*:*:*:*:*:*:* |
cisco | unity_express | * | cpe:2.3:h:cisco:unity_express:*:*:*:*:*:*:*:* |