CVE-2004-1322

critical

Description

Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/18489

http://www.securityfocus.com/bid/11954

http://www.cisco.com/warp/public/707/cisco-sa-20041215-unity.shtml

http://www.ciac.org/ciac/bulletins/p-060.shtml

Details

Source: Mitre, NVD

Published: 2004-12-15

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.00784