Executive Summary

Informations
NameCVE-2008-3814First vendor Publication2008-10-08
VendorCveLast vendor Modification2011-05-18

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Cvss Base Score5.8Attack RangeNetwork
Cvss Impact Score4.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthentificationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to bypass authentication and read or modify system configuration parameters by going to a specific link more than once.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3814

CWE : Common Weakness Enumeration

idName
CWE-287Improper Authentication

CPE : Common Platform Enumeration

TypeDescriptionCount
Application14

Open Source Vulnerability Database (OSVDB)

idDescription
49063Cisco Unity Authentication Bypass Configuration Modification

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/31638
http://www.securityfocus.com/bid/31642
CISCOhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080a0d85...
http://www.cisco.com/en/US/products/products_security_response09186a0080a0d86...
MISChttp://www.voipshield.com/research-details.php?id=126
SECTRACKhttp://www.securitytracker.com/id?1021011
SECUNIAhttp://secunia.com/advisories/32187
VUPENhttp://www.vupen.com/english/advisories/2008/2771
XFhttp://xforce.iss.net/xforce/xfdb/45741

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2013-05-11 00:24:42
  • Multiple Updates