Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2012-0366

Published

11 years ago

Last Modified

11 years ago

CVSSv2.0 Severity

High

Impact Analysis

Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated users to change the administrative password by leveraging the Help Desk Administrator role, aka Bug ID CSCtd45141..

CVSSv2.0 Score

Severity: High
Base Score: 9/10
Exploit Score: 8/10
Access Vector: Network
Access Complexity: Low
Authentication Required: Single
Impact Score: 10/10
Confidentiality Impact: Complete
Availability Impact: Complete
Integrity Impact: Complete

Products Affected

CPE	Affected	Vulnerable	Excluding
cpe:2.3:a:cisco:unity_connection:2.1:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.0\(2a\)su2:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(3b\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(5a\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(2\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:1.2:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:2.1\(4\)su1:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.0\(2\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(5b\)su2:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:6.1\(3b\)su1:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection::::::::	Yes	-	-
cpe:2.3:a:cisco:unity_connection:1.1\(1\)_sr1:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(5b\)su4:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(3a\)su1:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.0\(2a\)su3:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:2.1\(4a\)su2:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:1.1:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:1.2\(1\)_es65:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:1.2\(1\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:1.1\(1\)_es1:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:2.1\(5\)su3:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(2a\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:2.1\(5\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(5\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:2.1\(5\)su1:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:2.1\(5\)su2:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:1.1\(1\)_es12:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:2.1\(4a\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:2.0\(1\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(5b\)su3:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(2b\)su1:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:2.0:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(3a\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(5b\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:1.1\(1\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(3\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(5\)su1a:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:2.1\(3b\)su1:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(3a\)su1a:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:2.1\(4\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:2.1\(1\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:2.1\(3\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(2a\)su1:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:1.2\(1\)sr2:::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:2.1\(2\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.1\(2b\):::::::*	Yes	-	-
cpe:2.3:a:cisco:unity_connection:7.0:::::::*	Yes	-	-

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-c