Executive Summary

Informations
NameCVE-2012-0366First vendor Publication2012-02-29
VendorCveLast vendor Modification2012-03-01

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Cvss Base Score9Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score8AuthenticationRequires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated users to change the administrative password by leveraging the Help Desk Administrator role, aka Bug ID CSCtd45141.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0366

CWE : Common Weakness Enumeration

idName
CWE-264Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

TypeDescriptionCount
Application48

Information Assurance Vulnerability Management (IAVM)

DateDescription
2012-03-08IAVM : 2012-A-0034 - Multiple Vulnerabilities in Cisco Unity Connection
Severity : Category I - VMSKEY : V0031830

Nessus® Vulnerability Scanner

DateDescription
2013-09-28Name : Cisco Unity Connection is installed on the remote host and is affected by a p...
File : cisco_uc_7_1_3b.nasl - Type : ACT_GATHER_INFO
2013-09-28Name : The version of Cisco Unity Connection on the remote host is affected by a den...
File : cisco_uc_8_6_2.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
CISCOhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa...

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2014-02-17 11:07:26
  • Multiple Updates
2013-11-11 12:39:45
  • Multiple Updates
2013-05-10 22:32:18
  • Multiple Updates