CVE-2008-3814

EUVD-2008-3800
Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to bypass authentication and read or modify system configuration parameters by going to a specific link more than once.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
Affected Products (NVD)
VendorProductVersion
ciscounity
4.0
ciscounity
4.0\(1\)
ciscounity
4.0\(2\)
ciscounity
4.0\(3\)
ciscounity
4.0\(3\):sr1
ciscounity
4.0\(4\)
ciscounity
4.0\(4\):sr1
ciscounity
4.0\(5\)
ciscounity
4.1\(1\)
ciscounity
4.2\(1\)
ciscounity
5.0
ciscounity
5.0\(1\)
ciscounity
7.0
ciscounity
7.0\(2\)
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/32187
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0d85f.shtml
http://www.cisco.com/en/US/products/products_security_response09186a0080a0d861.html
http://www.securityfocus.com/bid/31638
http://www.securityfocus.com/bid/31642
http://www.securitytracker.com/id?1021011
http://www.voipshield.com/research-details.php?id=126
http://www.vupen.com/english/advisories/2008/2771
https://exchange.xforce.ibmcloud.com/vulnerabilities/45741
http://secunia.com/advisories/32187
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0d85f.shtml
http://www.cisco.com/en/US/products/products_security_response09186a0080a0d861.html
http://www.securityfocus.com/bid/31638
http://www.securityfocus.com/bid/31642
http://www.securitytracker.com/id?1021011
http://www.voipshield.com/research-details.php?id=126
http://www.vupen.com/english/advisories/2008/2771
https://exchange.xforce.ibmcloud.com/vulnerabilities/45741