CVE-2006-2166
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/05/2006
Last modified:
03/04/2025
Description
Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password.
Impact
Base Score 2.0
2.10
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:cisco:unity_express_software:1.1.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:unity_express_software:2.1.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:unity_express_software:2.2.2:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:unity_express:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/19881
- http://securitytracker.com/id?1016015=
- http://www.cisco.com/warp/public/707/cisco-sa-20060501-cue.shtml
- http://www.osvdb.org/25165
- http://www.securityfocus.com/bid/17775
- http://www.vupen.com/english/advisories/2006/1613
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26165
- http://secunia.com/advisories/19881
- http://securitytracker.com/id?1016015=
- http://www.cisco.com/warp/public/707/cisco-sa-20060501-cue.shtml
- http://www.osvdb.org/25165
- http://www.securityfocus.com/bid/17775
- http://www.vupen.com/english/advisories/2006/1613
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26165