CVE-2012-0366Cisco Unity Connection vulnerability

CWE-2644 documents4 sources
Severity
9.0CRITICALNVD
EPSS
0.4%
top 38.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Unity Connection
Timeline
PublishedMar 1
Latest updateMay 4

Description

Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated users to change the administrative password by leveraging the Help Desk Administrator role, aka Bug ID CSCtd45141.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

NVDcisco/unity_connection7.1\(3b\)su1+47

🔴Vulnerability Details

2
GHSA
GHSA-87q4-9j27-9f9c: Cisco Unity Connection before 72022-05-04
CVEList
CVE-2012-0366: Cisco Unity Connection before 72012-03-01

📋Vendor Advisories

1
Cisco
Multiple Vulnerabilities in Cisco Unity Connection2012-03-01
CVE-2012-0366 — Cisco Unity Connection vulnerability | cvebase