Lucene search
HistoryMay 04, 2006 - 12:38 p.m.
CVE-2006-2166
CVSS2
2.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:S/C:N/I:P/A:N
AI Score
6.5
Confidence
Low
EPSS
0.005
Percentile
75.7%
Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password.
Affected configurations
Node
ciscounity_express_softwareMatch1.1.1
ORciscounity_express_softwareMatch2.1.1
ORciscounity_express_softwareMatch2.2.2
ORciscounity_express
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unity_express_software | 1.1.1 | cpe:2.3:a:cisco:unity_express_software:1.1.1:*:*:*:*:*:*:* |
| cisco | unity_express_software | 2.1.1 | cpe:2.3:a:cisco:unity_express_software:2.1.1:*:*:*:*:*:*:* |
| cisco | unity_express_software | 2.2.2 | cpe:2.3:a:cisco:unity_express_software:2.2.2:*:*:*:*:*:*:* |
| cisco | unity_express | * | cpe:2.3:h:cisco:unity_express:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2006-2166
2006-05-04 12:38:00
prion
prion
Design/Logic Flaw
2006-05-04 12:38:00
cisco
cisco
Cisco Unity Express Expired Password Reset Privilege Escalation
2006-05-01 23:00:00
cvelist
cvelist
CVE-2006-2166
2006-05-04 10:00:00
CVSS2
2.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:S/C:N/I:P/A:N
AI Score
6.5
Confidence
Low
EPSS
0.005
Percentile
75.7%
Related for NVD:CVE-2006-2166