FKIE_CVE-2012-0366

Vulnerability from fkie_nvd - Published: 2012-03-01 01:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated users to change the administrative password by leveraging the Help Desk Administrator role, aka Bug ID CSCtd45141.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cucVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cucVendor Advisory
Impacted products
Vendor Product Version
cisco unity_connection *
cisco unity_connection 1.1
cisco unity_connection 1.1\(1\)
cisco unity_connection 1.1\(1\)_es1
cisco unity_connection 1.1\(1\)_es12
cisco unity_connection 1.1\(1\)_sr1
cisco unity_connection 1.2
cisco unity_connection 1.2\(1\)
cisco unity_connection 1.2\(1\)_es65
cisco unity_connection 1.2\(1\)sr2
cisco unity_connection 2.0
cisco unity_connection 2.0\(1\)
cisco unity_connection 2.1
cisco unity_connection 2.1\(1\)
cisco unity_connection 2.1\(2\)
cisco unity_connection 2.1\(3\)
cisco unity_connection 2.1\(3b\)su1
cisco unity_connection 2.1\(4\)
cisco unity_connection 2.1\(4\)su1
cisco unity_connection 2.1\(4a\)
cisco unity_connection 2.1\(4a\)su2
cisco unity_connection 2.1\(5\)
cisco unity_connection 2.1\(5\)su1
cisco unity_connection 2.1\(5\)su2
cisco unity_connection 2.1\(5\)su3
cisco unity_connection 6.1\(3b\)su1
cisco unity_connection 7.0
cisco unity_connection 7.0\(2\)
cisco unity_connection 7.0\(2a\)su2
cisco unity_connection 7.0\(2a\)su3
cisco unity_connection 7.1
cisco unity_connection 7.1\(2\)
cisco unity_connection 7.1\(2a\)
cisco unity_connection 7.1\(2a\)su1
cisco unity_connection 7.1\(2b\)
cisco unity_connection 7.1\(2b\)su1
cisco unity_connection 7.1\(3\)
cisco unity_connection 7.1\(3a\)
cisco unity_connection 7.1\(3a\)su1
cisco unity_connection 7.1\(3a\)su1a
cisco unity_connection 7.1\(3b\)
cisco unity_connection 7.1\(5\)
cisco unity_connection 7.1\(5\)su1a
cisco unity_connection 7.1\(5a\)
cisco unity_connection 7.1\(5b\)
cisco unity_connection 7.1\(5b\)su2
cisco unity_connection 7.1\(5b\)su3
cisco unity_connection 7.1\(5b\)su4
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6D73D6C-A9C1-4E4A-81F9-7651118120D4",
              "versionEndIncluding": "7.1\\(3b\\)su1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D3AE997-4D63-4CFE-BF22-7221EC9B2450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:1.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2541F3D6-BD69-47D6-8070-DDCEDEE7F497",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:1.1\\(1\\)_es1:*:*:*:*:*:*:*",
              "matchCriteriaId": "24B4F97A-170A-4ADD-B7E7-FBA25CF75608",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:1.1\\(1\\)_es12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAB8EB6D-5220-42B0-B03B-6C469DA11412",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:1.1\\(1\\)_sr1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA8D2F-E052-41F8-B789-FD108680CB2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DC2AB24-3EA7-418D-A6C7-3E117D5D9CB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:1.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CA4EE9E7-FA5C-4EBF-82E7-96BA070A5864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:1.2\\(1\\)_es65:*:*:*:*:*:*:*",
              "matchCriteriaId": "3493411D-57F7-44E7-9B86-8FC6CF816A68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:1.2\\(1\\)sr2:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FF8F62-7D97-4763-BF47-F90C1E061CD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "457A6420-D5B3-44D8-8E0C-48F2D83BD978",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:2.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BCD675A5-D5FD-464A-8DBA-69687609913D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "055C8F15-64A3-42B9-8744-C8CDA6D15203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:2.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "46FBE411-C945-4800-AA5B-A2BB0CE02EA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:2.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B355503F-8484-47CA-8A82-6B2903FFBBC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:2.1\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "309EC45A-5DFA-40EF-8BBC-151E202C3753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:2.1\\(3b\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C65F5A4C-5A5D-4B58-8D66-D26F72CAB5AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:2.1\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E685D1A6-309E-4E25-995D-98057100B31D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:2.1\\(4\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "10F6C433-DD59-4639-8D19-380BF7943661",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:2.1\\(4a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB9AF3B-7721-4514-BEEF-A6414BBC4442",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:2.1\\(4a\\)su2:*:*:*:*:*:*:*",
              "matchCriteriaId": "941E4D43-3DE4-4F6A-8BC9-A2DC14C645D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:2.1\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "22087C01-F009-43D6-AEA0-246DACCA5947",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:2.1\\(5\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "950E8D14-CF22-4D8C-A28E-E99FD2F13508",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:2.1\\(5\\)su2:*:*:*:*:*:*:*",
              "matchCriteriaId": "23CAF193-B287-482B-A62B-ADC39B9E1C12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:2.1\\(5\\)su3:*:*:*:*:*:*:*",
              "matchCriteriaId": "598BD90A-E0A2-488B-830A-9D6E61F996F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:6.1\\(3b\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B6A8F36-1B43-4034-BECF-9F5023EE9544",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE719821-4902-48A6-9E07-D1E93CE2A498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DD637040-DE0E-4363-872C-3AD574DD511F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.0\\(2a\\)su2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DA14B8-F197-42C4-B82B-4C70E0E34DD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.0\\(2a\\)su3:*:*:*:*:*:*:*",
              "matchCriteriaId": "51400F37-A6F6-43CA-BEC5-5F8E289CB633",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "00DC7204-2E62-441B-A432-3B33224680AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B52ADDA2-D366-474C-AE65-83998FED89F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(2a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6CBE0184-2D1B-4DA2-B1B6-59B3E013557A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(2a\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "51C6DED4-9D0D-4FE3-BC94-BE1B6CBCCB5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(2b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2FBF4DF8-EA6E-4160-918C-8938188E22E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(2b\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0591D082-7290-476D-A0B8-DEA649AE661D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8CB1C1C9-5F1A-40F7-BEB0-66B1793C538C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(3a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B69719BD-D624-479A-BF75-04A6D1691585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(3a\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "851E3C54-848C-4D6A-AC2E-9FADC3377377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(3a\\)su1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "90C04291-80AC-4804-86DE-D7D5653F3824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(3b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CFC6E1B0-2BEB-45C1-90F5-F79D1FBC714A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5EE964E1-0A54-49C4-A1EC-5707DBADC4B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(5\\)su1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0610189-1E2D-4CED-AB12-E80E7F9F1930",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(5a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E56D2B86-DAC0-4E3C-A13C-4908D4312487",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(5b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7026853F-6467-41C8-AE31-B8742D230473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(5b\\)su2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DB6DB1C-9493-4FE6-BBED-11C5B0BDCAE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(5b\\)su3:*:*:*:*:*:*:*",
              "matchCriteriaId": "286C8ECF-BFEB-41BD-8286-595B27AB5CB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unity_connection:7.1\\(5b\\)su4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6106891F-A7EF-4380-AF53-F644C637487E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated users to change the administrative password by leveraging the Help Desk Administrator role, aka Bug ID CSCtd45141."
    },
    {
      "lang": "es",
      "value": "Cisco Unity Connection anteriores a v7.1.3b(Su2) permite a usuarios remotos autenticados a cambiar la contrase\u00f1a de administraci\u00f3n by aprovechando el rol de Help Desk Administrator, tambi\u00e9n conocido como Bug ID CSCtd45141."
    }
  ],
  "id": "CVE-2012-0366",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-03-01T01:55:01.003",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cuc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cuc"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.