CPE Details
Cisco Unity Server 2.2
2.2
2007-08-23
19h16 +00:00
19h16 +00:00
2008-04-01
12h41 +00:00
12h41 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:h:cisco:unity_server:2.2:*:*:*:*:*:*:*
Informations
Vendor
ciscoProduct
unity_serverVersion
2.2Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. | 5 |
|||
| Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages. | 7.5 |
|||
| The default configuration of Cisco Unity 2.x and 3.x does not block international operator calls in the predefined restriction tables, which could allow authenticated users to place international calls using call forwarding. | 4.6 |
|||
| Cisco Unity 2.x and 3.x uses well-known default user accounts, which could allow remote attackers to gain access and place arbitrary calls. | 7.5 |
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC)
sont maintenues par MITRE Corporation, et les informations sur les configurations
logicielles et matérielles (CPE) proviennent du NVD.