CVE-2004-0044

high Cisco
CVSS v3 Base Score
7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
0.9%
Exploitation probability in 30 days
Top 25% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: February 3, 2004 (8136 days ago)
Last Modified: April 16, 2026
Vendor: Cisco
Source: NVD

Description

Cisco Personal Assistant 1.4(1) and 1.4(2) disables password authentication when "Allow Only Cisco CallManager Users" is enabled and the Corporate Directory settings refer to the directory service being used by Cisco CallManager, which allows remote attackers to gain access with a valid username.

CWE

NVD-CWE-Other

Affected Products

cisco personal assistant

References

🔗 www.cisco.com 🔗 www.osvdb.org 🔗 www.securityfocus.com 🔗 exchange.xforce.ibmcloud.com 🔗 www.cisco.com