Default User Account Vulnerabilities in Cisco Unity 2.x and 3.x
CVE-2002-1190

Currently unrated

Key Information:

Vendor: Cisco
Status: Unity Server
Vendor: CVE Published:; 28 October 2002

Summary

Cisco Unity versions 2.x and 3.x are susceptible to vulnerabilities due to the use of well-known default user accounts. This security flaw can be exploited by remote attackers, potentially granting them unauthorized access to the system. Once unauthorized access is obtained, attackers may place arbitrary phone calls, leading to significant risks such as toll fraud and disruption of services. Administrators are urged to review and secure default configurations to mitigate these risks effectively.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/44545

vdb-entryx_refsource_XF

http://www.iss.net/security_center/static/10282.php

vdb-entryx_refsource_XF

http://www.cisco.com/warp/public/707/toll-fraud-pub.shtml

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Oct 28, 2002
Vulnerability Reserved
Oct 4, 2002