| Vulnerability Name: | CVE-2004-1322 (CCN-18489) | ||||||||
| Assigned: | 2004-12-15 | ||||||||
| Published: | 2004-12-15 | ||||||||
| Updated: | 2017-07-11 | ||||||||
| Summary: | Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages. | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: MITRE Type: CNA CVE-2004-1322 Source: CCN Type: CIAC Information Bulletin P-060 Cisco Unity with Exchange Default Passwords Vulnerability Source: CIAC Type: Patch, Vendor Advisory P-060 Source: CCN Type: Cisco Security Advisory 2004 December 15 1600 UTC (GMT) Cisco Unity with Exchange Has Default Passwords Source: CISCO Type: Patch, Vendor Advisory 20041215 Cisco Unity Integrated with Exchange Has Default Passwords Source: CCN Type: OSVDB ID: 12408 Cisco Unity With Microsoft Exchange Multiple Default Accounts Source: BID Type: Patch, Vendor Advisory 11954 Source: CCN Type: BID-11954 Cisco Unity With Exchange Default User Accounts and Passwords Vulnerability Source: XF Type: UNKNOWN cisco-unity-exchange-default-accounts(18489) Source: XF Type: UNKNOWN cisco-unity-exchange-default-accounts(18489) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||