Cisco : Security Vulnerabilities, CVEs, Published In February 2014 (Sql injection)

CVE-2014-0734

SQL injection vulnerability in the Certificate Authority Proxy Function (CAPF) implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum46483.
Max CVSS
7.5
EPSS Score
0.28%
Published
2014-02-20
Updated
2015-09-16

CVE-2014-0729

SQL injection vulnerability in the Enterprise Mobility Application (EMApp) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05302.
Max CVSS
7.5
EPSS Score
0.28%
Published
2014-02-13
Updated
2015-08-05

CVE-2014-0728

SQL injection vulnerability in the Java database interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05313.
Max CVSS
7.5
EPSS Score
0.29%
Published
2014-02-13
Updated
2015-08-05

CVE-2014-0727

SQL injection vulnerability in the CallManager Interactive Voice Response (CMIVR) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05318.
Max CVSS
7.5
EPSS Score
0.29%
Published
2014-02-13
Updated
2015-09-16

CVE-2014-0726

SQL injection vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05326.
Max CVSS
7.5
EPSS Score
0.29%
Published
2014-02-13
Updated
2015-09-16
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close