CVE-2002-1190

Description

Cisco Unity 2.x and 3.x uses well-known default user accounts, which could allow remote attackers to gain access and place arbitrary calls.

Affected products

• Cisco / unity_server2.0 – 2.0
• Cisco / unity_server2.1 – 2.1
• Cisco / unity_server2.2 – 2.2
• Cisco / unity_server2.3 – 2.3
• Cisco / unity_server2.4 – 2.4
• Cisco / unity_server2.46 – 2.46
• Cisco / unity_server3.0 – 3.0
• Cisco / unity_server3.1 – 3.1

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/44545
• MISChttp://www.iss.net/security_center/static/10282.php
• VENDOR_ADVISORYhttp://www.cisco.com/warp/public/707/toll-fraud-pub.shtml