VYPR

Unity

by Cisco Systems, Inc.

CVEs (10)

  • CVE-2022-22564Feb 14, 2023
    risk 0.00cvss epss 0.00

    Dell EMC Unity versions before 5.2.0.0.5.173 , use(es) broken cryptographic algorithm. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information.

  • CVE-2008-4545Oct 13, 2008
    risk 0.00cvss epss 0.01

    Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8 uses weak permissions for the D:\CommServer\Reports directory, which allows remote authenticated users to obtain sensitive information by reading files in this directory.

  • CVE-2008-4544Oct 13, 2008
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in an unspecified Microsoft API, as used by Cisco Unity and possibly other products, allows remote attackers to cause a denial of service by sending crafted packets to dynamic UDP ports, related to a "processing error."

  • CVE-2008-4543Oct 13, 2008
    risk 0.00cvss epss 0.02

    Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to cause a denial of service (session exhaustion) via a large number of connections.

  • CVE-2008-4542Oct 13, 2008
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x before 4.2(1)ES162, 5.x before 5.0(1)ES56, and 7.x before 7.0(2)ES8 allows remote authenticated administrators to inject arbitrary web script or HTML by entering it in the database (aka data store).

  • CVE-2008-3814Oct 8, 2008
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to bypass authentication and read or modify system configuration…

  • CVE-2004-1322Dec 15, 2004
    risk 0.00cvss epss 0.02

    Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages.

  • CVE-2003-0983Jan 5, 2004
    risk 0.00cvss epss 0.02

    Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or (3) when a local DHCP…

  • CVE-2002-1190Oct 28, 2002
    risk 0.00cvss epss 0.02

    Cisco Unity 2.x and 3.x uses well-known default user accounts, which could allow remote attackers to gain access and place arbitrary calls.

  • CVE-2002-1189Oct 11, 2002
    risk 0.00cvss epss 0.00

    The default configuration of Cisco Unity 2.x and 3.x does not block international operator calls in the predefined restriction tables, which could allow authenticated users to place international calls using call forwarding.