cve-2012-0366
Vulnerability from cvelistv5
Published
2012-03-01 01:00
Modified
2024-09-16 19:46
Severity ?
Summary
Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated users to change the administrative password by leveraging the Help Desk Administrator role, aka Bug ID CSCtd45141.
References
ykramarz@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cucVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cucVendor Advisory
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:23:30.652Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20120229 Multiple Vulnerabilities in Cisco Unity Connection",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cuc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated users to change the administrative password by leveraging the Help Desk Administrator role, aka Bug ID CSCtd45141."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-03-01T01:00:00Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20120229 Multiple Vulnerabilities in Cisco Unity Connection",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cuc"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2012-0366",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated users to change the administrative password by leveraging the Help Desk Administrator role, aka Bug ID CSCtd45141."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20120229 Multiple Vulnerabilities in Cisco Unity Connection",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cuc"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2012-0366",
    "datePublished": "2012-03-01T01:00:00Z",
    "dateReserved": "2012-01-04T00:00:00Z",
    "dateUpdated": "2024-09-16T19:46:51.687Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-0366\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2012-03-01T01:55:01.003\",\"lastModified\":\"2024-11-21T01:34:51.210\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated users to change the administrative password by leveraging the Help Desk Administrator role, aka Bug ID CSCtd45141.\"},{\"lang\":\"es\",\"value\":\"Cisco Unity Connection anteriores a v7.1.3b(Su2) permite a usuarios remotos autenticados a cambiar la contrase\u00f1a de administraci\u00f3n by aprovechando el rol de Help Desk Administrator, tambi\u00e9n conocido como Bug ID CSCtd45141.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.1\\\\(3b\\\\)su1\",\"matchCriteriaId\":\"E6D73D6C-A9C1-4E4A-81F9-7651118120D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D3AE997-4D63-4CFE-BF22-7221EC9B2450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:1.1\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2541F3D6-BD69-47D6-8070-DDCEDEE7F497\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:1.1\\\\(1\\\\)_es1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24B4F97A-170A-4ADD-B7E7-FBA25CF75608\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:1.1\\\\(1\\\\)_es12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAB8EB6D-5220-42B0-B03B-6C469DA11412\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:1.1\\\\(1\\\\)_sr1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FBA8D2F-E052-41F8-B789-FD108680CB2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DC2AB24-3EA7-418D-A6C7-3E117D5D9CB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:1.2\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA4EE9E7-FA5C-4EBF-82E7-96BA070A5864\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:1.2\\\\(1\\\\)_es65:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3493411D-57F7-44E7-9B86-8FC6CF816A68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:1.2\\\\(1\\\\)sr2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06FF8F62-7D97-4763-BF47-F90C1E061CD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"457A6420-D5B3-44D8-8E0C-48F2D83BD978\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:2.0\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCD675A5-D5FD-464A-8DBA-69687609913D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"055C8F15-64A3-42B9-8744-C8CDA6D15203\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:2.1\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46FBE411-C945-4800-AA5B-A2BB0CE02EA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:2.1\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B355503F-8484-47CA-8A82-6B2903FFBBC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:2.1\\\\(3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"309EC45A-5DFA-40EF-8BBC-151E202C3753\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:2.1\\\\(3b\\\\)su1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C65F5A4C-5A5D-4B58-8D66-D26F72CAB5AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:2.1\\\\(4\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E685D1A6-309E-4E25-995D-98057100B31D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:2.1\\\\(4\\\\)su1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10F6C433-DD59-4639-8D19-380BF7943661\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:2.1\\\\(4a\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EB9AF3B-7721-4514-BEEF-A6414BBC4442\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:2.1\\\\(4a\\\\)su2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"941E4D43-3DE4-4F6A-8BC9-A2DC14C645D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:2.1\\\\(5\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22087C01-F009-43D6-AEA0-246DACCA5947\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:2.1\\\\(5\\\\)su1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"950E8D14-CF22-4D8C-A28E-E99FD2F13508\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:2.1\\\\(5\\\\)su2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23CAF193-B287-482B-A62B-ADC39B9E1C12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:2.1\\\\(5\\\\)su3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"598BD90A-E0A2-488B-830A-9D6E61F996F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:6.1\\\\(3b\\\\)su1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B6A8F36-1B43-4034-BECF-9F5023EE9544\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE719821-4902-48A6-9E07-D1E93CE2A498\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.0\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD637040-DE0E-4363-872C-3AD574DD511F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.0\\\\(2a\\\\)su2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07DA14B8-F197-42C4-B82B-4C70E0E34DD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.0\\\\(2a\\\\)su3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51400F37-A6F6-43CA-BEC5-5F8E289CB633\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00DC7204-2E62-441B-A432-3B33224680AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B52ADDA2-D366-474C-AE65-83998FED89F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(2a\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CBE0184-2D1B-4DA2-B1B6-59B3E013557A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(2a\\\\)su1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51C6DED4-9D0D-4FE3-BC94-BE1B6CBCCB5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(2b\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FBF4DF8-EA6E-4160-918C-8938188E22E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(2b\\\\)su1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0591D082-7290-476D-A0B8-DEA649AE661D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CB1C1C9-5F1A-40F7-BEB0-66B1793C538C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(3a\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B69719BD-D624-479A-BF75-04A6D1691585\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(3a\\\\)su1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"851E3C54-848C-4D6A-AC2E-9FADC3377377\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(3a\\\\)su1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90C04291-80AC-4804-86DE-D7D5653F3824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(3b\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFC6E1B0-2BEB-45C1-90F5-F79D1FBC714A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(5\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EE964E1-0A54-49C4-A1EC-5707DBADC4B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(5\\\\)su1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0610189-1E2D-4CED-AB12-E80E7F9F1930\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(5a\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E56D2B86-DAC0-4E3C-A13C-4908D4312487\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(5b\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7026853F-6467-41C8-AE31-B8742D230473\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(5b\\\\)su2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DB6DB1C-9493-4FE6-BBED-11C5B0BDCAE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(5b\\\\)su3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"286C8ECF-BFEB-41BD-8286-595B27AB5CB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unity_connection:7.1\\\\(5b\\\\)su4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6106891F-A7EF-4380-AF53-F644C637487E\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cuc\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cuc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.