Vulnerability Description
Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unity Server | 2.0 |
References
- http://www.ciac.org/ciac/bulletins/p-060.shtmlPatchVendor Advisory
- http://www.cisco.com/warp/public/707/cisco-sa-20041215-unity.shtmlPatchVendor Advisory
- http://www.securityfocus.com/bid/11954PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18489
- http://www.ciac.org/ciac/bulletins/p-060.shtmlPatchVendor Advisory
- http://www.cisco.com/warp/public/707/cisco-sa-20041215-unity.shtmlPatchVendor Advisory
- http://www.securityfocus.com/bid/11954PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18489
FAQ
What is CVE-2004-1322?
CVE-2004-1322 is a vulnerability with a CVSS score of 7.5 (HIGH). Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configurati...
How severe is CVE-2004-1322?
CVE-2004-1322 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1322?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unity Server.