Details of VAR-200401-0028

ID

VAR-200401-0028

CVE

CVE-2003-0983

TITLE

IBM Server vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200401-010

DESCRIPTION

Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or (3) when a local DHCP server is unavailable, a DHCP server on the manufacturer's test network

Trust: 1.26

sources: NVD: CVE-2003-0983 // BID: 88187 // VULHUB: VHN-7808

AFFECTED PRODUCTS

vendor:	cisco	model:	80-7112-01 for the unity-svrx255-2a	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	80-7111-01 for the unity-svrx255-1a	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	80-7111-01 for the unity-svrx255-1a	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	80-7112-01 for the unity-svrx255-2a	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	for the unity-svrx255-2a	scope:	eq	version:	80-7112-01	Trust: 0.3
vendor:	cisco	model:	for the unity-svrx255-1a	scope:	eq	version:	80-7111-01	Trust: 0.3

sources: BID: 88187 // CNNVD: CNNVD-200401-010 // NVD: CVE-2003-0983

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2003-0983
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200401-010
value:	HIGH
Trust: 0.6
VULHUB:	VHN-7808
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2003-0983
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-7808
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-7808 // CNNVD: CNNVD-200401-010 // NVD: CVE-2003-0983

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2003-0983

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200401-010

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200401-010

EXTERNAL IDS

db:	NVD	id:	CVE-2003-0983	Trust: 2.0
db:	CNNVD	id:	CNNVD-200401-010	Trust: 0.7
db:	CISCO	id:	20031210 UNITY VULNERABILITIES ON IBM-BASED SERVERS	Trust: 0.6
db:	BID	id:	88187	Trust: 0.3
db:	VULHUB	id:	VHN-7808	Trust: 0.1

sources: VULHUB: VHN-7808 // BID: 88187 // CNNVD: CNNVD-200401-010 // NVD: CVE-2003-0983

REFERENCES

url:

http://www.cisco.com/warp/public/707/cisco-sa-20031210-unity.shtml

Trust: 2.0

sources: VULHUB: VHN-7808 // BID: 88187 // CNNVD: CNNVD-200401-010 // NVD: CVE-2003-0983

CREDITS

Unknown

Trust: 0.3

sources: BID: 88187

SOURCES

db:	VULHUB	id:	VHN-7808
db:	BID	id:	88187
db:	CNNVD	id:	CNNVD-200401-010
db:	NVD	id:	CVE-2003-0983

LAST UPDATE DATE

2024-08-14T14:29:29.225000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-7808	date:	2008-09-10T00:00:00
db:	BID	id:	88187	date:	2016-07-06T14:33:00
db:	CNNVD	id:	CNNVD-200401-010	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2003-0983	date:	2008-09-10T19:21:19.977

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-7808	date:	2004-01-05T00:00:00
db:	BID	id:	88187	date:	2004-01-05T00:00:00
db:	CNNVD	id:	CNNVD-200401-010	date:	2004-01-05T00:00:00
db:	NVD	id:	CVE-2003-0983	date:	2004-01-05T05:00:00