CVE-2006-2166

Currently unrated

Key Information:

Vendor: Cisco
Status: Unity Express Software; Unity Express
Vendor: CVE Published:; 4 May 2006

Summary

Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password.

References

http://secunia.com/advisories/19881

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2006/1613

vdb-entryx_refsource_VUPEN

http://www.osvdb.org/25165

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
May 4, 2006
Vulnerability Reserved
May 3, 2006