Page 14 of 72 results (0.011 seconds)

CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0

Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password. • http://secunia.com/advisories/19881 http://securitytracker.com/id?1016015 http://www.cisco.com/warp/public/707/cisco-sa-20060501-cue.shtml http://www.osvdb.org/25165 http://www.securityfocus.com/bid/17775 http://www.vupen.com/english/advisories/2006/1613 https://exchange.xforce.ibmcloud.com/vulnerabilities/26165 •

CVSS: 5.0EPSS: 12%CPEs: 8EXPL: 0

Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. • http://secunia.com/advisories/15472 http://securitytracker.com/id?1014043 http://securitytracker.com/id?1014044 http://securitytracker.com/id?1014045 http://securitytracker.com/id?1014046 http://securitytracker.com/id? •

CVSS: 5.0EPSS: 93%CPEs: 296EXPL: 2

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. • https://www.exploit-db.com/exploits/1008 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt http://secunia.com/advisories/15393 http://secunia.com/advisories/15417 http://secunia.com/advisories/18222 http://secunia.com/advisories/18662 http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml http:/& •

CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 0

Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages. • http://www.ciac.org/ciac/bulletins/p-060.shtml http://www.cisco.com/warp/public/707/cisco-sa-20041215-unity.shtml http://www.securityfocus.com/bid/11954 https://exchange.xforce.ibmcloud.com/vulnerabilities/18489 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or (3) when a local DHCP server is unavailable, a DHCP server on the manufacturer's test network. Cisco Unitiy en servidores IBM es entregado con una configuración por defecto que debería haber sido deshabilitada por el fabricante, lo que permite a atacantes locales o remotos conducir actividades no autorizadas mediante una cuenta de usuario "bubba" local, o un puerto TCP 34571 abierto, o cuando un servidor DHCP local no está disponible, un servidor DHCP en la red de prueba del fabricante. • http://www.cisco.com/warp/public/707/cisco-sa-20031210-unity.shtml •