CVE-2006-2166 Information

Description

Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier when running on any CUE Advanced Integration Module (AIM) or Network Module (NM) allows remote authenticated attackers to reset the password for any user with an expired password.

Reference

http://secunia.com/advisories/19881 http://securitytracker.com/id?1016015 http://www.cisco.com/warp/public/707/cisco-sa-20060501-cue.shtml http://www.osvdb.org/25165 http://www.securityfocus.com/bid/17775 http://www.vupen.com/english/advisories/2006/1613 https://exchange.xforce.ibmcloud.com/vulnerabilities/26165