Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2166

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2006-2166
Last Modified 07 Mar 2011 09:35:28
Published 04 May 2006 08:38:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication SINGLE_INSTANCE

CVE-2006-2166

Summary

Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password.

Vulnerable Systems


References

SECUNIA - 19881

VUPEN - ADV-2006-1613

BID - 17775

CISCO - 20060501 Cisco Unity Express Expired Password Reset Privilege Escalation

SECTRACK - 1016015

XF - cisco-cue-privilege-escalation(26165)

OSVDB - 25165


Last Updated: 27 May 2016 10:42:22