Vulnerability Description
Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or (3) when a local DHCP server is unavailable, a DHCP server on the manufacturer's test network.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | 80-7111-01 For The Unity-Svrx255-1A | All versions |
| Cisco | 80-7112-01 For The Unity-Svrx255-2A | All versions |
References
- http://www.cisco.com/warp/public/707/cisco-sa-20031210-unity.shtmlPatchVendor Advisory
- http://www.cisco.com/warp/public/707/cisco-sa-20031210-unity.shtmlPatchVendor Advisory
FAQ
What is CVE-2003-0983?
CVE-2003-0983 is a vulnerability with a CVSS score of 7.5 (HIGH). Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bub...
How severe is CVE-2003-0983?
CVE-2003-0983 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0983?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco 80-7111-01 For The Unity-Svrx255-1A, Cisco 80-7112-01 For The Unity-Svrx255-2A.