Unrated severityNVD Advisory· Published May 4, 2006· Updated Apr 16, 2026

CVE-2006-2166

Description

Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password.

Affected products

Cisco Systems, Inc./Unity Express Software3 versions
cpe:2.3:a:cisco:unity_express_software:1.1.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:cisco:unity_express_software:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity_express_software:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity_express_software:2.2.2:*:*:*:*:*:*:*
Cisco Systems, Inc./Unity Express
cpe:2.3:h:cisco:unity_express:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/19881nvdPatchVendor Advisory
www.cisco.com/warp/public/707/cisco-sa-20060501-cue.shtmlnvdVendor Advisory
securitytracker.com/idnvd
www.osvdb.org/25165nvd
www.securityfocus.com/bid/17775nvd
www.vupen.com/english/advisories/2006/1613nvd
exchange.xforce.ibmcloud.com/vulnerabilities/26165nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000