Cisco : Security vulnerabilities, CVEs sql injection published in July 2013

Copy

CVE-2013-3437

SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179.

Max CVSS

6.5

EPSS Score

0.14%

Published

2013-07-23

Updated

2016-09-16

CVE-2013-3412

SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuh81766.

Max CVSS

6.5

EPSS Score

0.12%

Published

2013-07-18

Updated

2013-08-20

CVE-2013-3404

SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051.

Max CVSS

7.5

EPSS Score

0.15%

Published

2013-07-18

Updated

2013-08-20

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!