CVE-2006-2166

low

Cisco

CVSS v3 Base Score

2.1

AV:N/AC:H/Au:S/C:N/I:P/A:N

EPSS Score

0.5%

Exploitation probability in 30 days

Top 34% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

High

Confidentiality

None

Integrity

Availability

None

Published: May 4, 2006 (7314 days ago)

Last Modified: April 16, 2026

Vendor: Cisco

Source: NVD

Description

Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password.

CWE

NVD-CWE-Other

Affected Products

cisco unity express softwarecisco unity express

References

🔗 secunia.com 🔗 securitytracker.com 🔗 www.cisco.com 🔗 www.osvdb.org 🔗 www.securityfocus.com

CVE-2006-2166

Vulnerability Report

Description

CWE

Affected Products

References