This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Cisco First view 2002-10-11
Product Unity Server Last view 2005-05-31
Version Type Hardware
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:h:cisco:unity_server:2.4:*:*:*:*:*:*:* 4
cpe:2.3:h:cisco:unity_server:3.0:*:*:*:*:*:*:* 4
cpe:2.3:h:cisco:unity_server:2.0:*:*:*:*:*:*:* 4
cpe:2.3:h:cisco:unity_server:2.1:*:*:*:*:*:*:* 4
cpe:2.3:h:cisco:unity_server:2.2:*:*:*:*:*:*:* 4
cpe:2.3:h:cisco:unity_server:2.3:*:*:*:*:*:*:* 4
cpe:2.3:h:cisco:unity_server:2.46:*:*:*:*:*:*:* 4
cpe:2.3:h:cisco:unity_server:3.1:*:*:*:*:*:*:* 4
cpe:2.3:h:cisco:unity_server:3.2:*:*:*:*:*:*:* 2
cpe:2.3:h:cisco:unity_server:3.3:*:*:*:*:*:*:* 2
cpe:2.3:h:cisco:unity_server:4.0:*:*:*:*:*:*:* 2

Related : CVE

  Date Alert Description
5 2005-05-31 CVE-2005-0356

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.
7.5 2004-12-15 CVE-2004-1322

Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages.
7.5 2002-10-28 CVE-2002-1190

Cisco Unity 2.x and 3.x uses well-known default user accounts, which could allow remote attackers to gain access and place arbitrary calls.
4.6 2002-10-11 CVE-2002-1189

The default configuration of Cisco Unity 2.x and 3.x does not block international operator calls in the predefined restriction tables, which could allow authenticated users to place international calls using call forwarding.

Open Source Vulnerability Database (OSVDB)

id Description
16685 Multiple Vendor Malformed TCP Timestamp DoS
15200 Cisco Unity Arbitrary International Operator Calls
12408 Cisco Unity With Microsoft Exchange Multiple Default Accounts
8873 Cisco Unity Default User Accounts
8872 Cisco Unity Call Forwarding International Call Restriction Bypass

OpenVAS Exploits

id Description
2008-09-04 Name : FreeBSD Security Advisory (FreeBSD-SA-05:15.tcp.asc)
File : nvt/freebsdsa_tcp1.nasl

Nessus® Vulnerability Scanner

id Description
2014-10-10 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL4743.nasl - Type: ACT_GATHER_INFO