Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCiscoCVE-2013-3412
HistoryJul 18, 2013 - 12:48 p.m.

CVE-2013-3412

2013-07-1812:48:56
CWE-89
cisco
web.nvd.nist.gov
21
cve-2013-3412
sql injection
cisco unified communications manager
cucm
remote authenticated users
arbitrary sql commands
bug id cscuh81766

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

8.1

Confidence

Low

EPSS

0.001

Percentile

45.3%

JSON

SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuh81766.

Affected configurations

Nvd
Node
ciscounified_communications_managerMatch7.1\(2a\)
OR
ciscounified_communications_managerMatch7.1\(2a\)su1
OR
ciscounified_communications_managerMatch7.1\(2b\)
OR
ciscounified_communications_managerMatch7.1\(2b\)su1
OR
ciscounified_communications_managerMatch7.1\(3\)
OR
ciscounified_communications_managerMatch7.1\(3a\)
OR
ciscounified_communications_managerMatch7.1\(3a\)su1
OR
ciscounified_communications_managerMatch7.1\(3a\)su1a
OR
ciscounified_communications_managerMatch7.1\(3b\)
OR
ciscounified_communications_managerMatch7.1\(3b\)su1
OR
ciscounified_communications_managerMatch7.1\(3b\)su2
OR
ciscounified_communications_managerMatch7.1\(5\)
OR
ciscounified_communications_managerMatch7.1\(5\)su1
OR
ciscounified_communications_managerMatch7.1\(5\)su1a
OR
ciscounified_communications_managerMatch7.1\(5a\)
OR
ciscounified_communications_managerMatch7.1\(5b\)
OR
ciscounified_communications_managerMatch7.1\(5b\)su1
OR
ciscounified_communications_managerMatch7.1\(5b\)su1a
OR
ciscounified_communications_managerMatch7.1\(5b\)su2
OR
ciscounified_communications_managerMatch7.1\(5b\)su3
OR
ciscounified_communications_managerMatch7.1\(5b\)su4
OR
ciscounified_communications_managerMatch7.1\(5b\)su5
OR
ciscounified_communications_managerMatch7.1\(5b\)su6
Node
ciscounified_communications_managerMatch8.0
OR
ciscounified_communications_managerMatch8.0\(1\)
OR
ciscounified_communications_managerMatch8.0\(2\)
OR
ciscounified_communications_managerMatch8.0\(2a\)
OR
ciscounified_communications_managerMatch8.0\(2b\)
OR
ciscounified_communications_managerMatch8.0\(2c\)
OR
ciscounified_communications_managerMatch8.0\(2c\)su1
OR
ciscounified_communications_managerMatch8.0\(3\)
OR
ciscounified_communications_managerMatch8.0\(3a\)
OR
ciscounified_communications_managerMatch8.0\(3a\)su1
OR
ciscounified_communications_managerMatch8.0\(3a\)su2
OR
ciscounified_communications_managerMatch8.0\(3a\)su3
Node
ciscounified_communications_managerMatch8.5
OR
ciscounified_communications_managerMatch8.5\(1\)
OR
ciscounified_communications_managerMatch8.5\(1\)su1
OR
ciscounified_communications_managerMatch8.5\(1\)su2
OR
ciscounified_communications_managerMatch8.5\(1\)su3
OR
ciscounified_communications_managerMatch8.5\(1\)su4
OR
ciscounified_communications_managerMatch8.5\(1\)su5
Node
ciscounified_communications_managerMatch8.6
OR
ciscounified_communications_managerMatch8.6\(1\)
OR
ciscounified_communications_managerMatch8.6\(1a\)
OR
ciscounified_communications_managerMatch8.6\(2\)
OR
ciscounified_communications_managerMatch8.6\(2a\)
OR
ciscounified_communications_managerMatch8.6\(2a\)su1
OR
ciscounified_communications_managerMatch8.6\(2a\)su2
OR
ciscounified_communications_managerMatch8.6\(2a\)su3
OR
ciscounified_communications_managerMatch8.6\(3\)
OR
ciscounified_communications_managerMatch8.6\(4\)
Node
ciscounified_communications_managerMatch9.0\(1\)
OR
ciscounified_communications_managerMatch9.1\(1\)
OR
ciscounified_communications_managerMatch9.1\(2\)
OR
ciscounified_communications_managerMatch9.1.1\(a\)
VendorProductVersionCPE
ciscounified_communications_manager7.1%282b%29su1cpe:/a:cisco:unified_communications_manager:7.1%282b%29su1:::
ciscounified_communications_manager7.1%282a%29su1cpe:/a:cisco:unified_communications_manager:7.1%282a%29su1:::
ciscounified_communications_manager7.1%285b%29su6cpe:/a:cisco:unified_communications_manager:7.1%285b%29su6:::
ciscounified_communications_manager7.1%283a%29cpe:/a:cisco:unified_communications_manager:7.1%283a%29:::
ciscounified_communications_manager7.1%282b%29cpe:/a:cisco:unified_communications_manager:7.1%282b%29:::
ciscounified_communications_manager7.1%285%29su1acpe:/a:cisco:unified_communications_manager:7.1%285%29su1a:::
ciscounified_communications_manager7.1%285b%29su2cpe:/a:cisco:unified_communications_manager:7.1%285b%29su2:::
ciscounified_communications_manager7.1%283a%29su1cpe:/a:cisco:unified_communications_manager:7.1%283a%29su1:::
ciscounified_communications_manager7.1%283a%29su1acpe:/a:cisco:unified_communications_manager:7.1%283a%29su1a:::
ciscounified_communications_manager7.1%285%29cpe:/a:cisco:unified_communications_manager:7.1%285%29:::
Rows per page:
1-10 of 231

Related

prion 1
nvd 1
cisco 2
cvelist 1
securityvulns 1
prion
prion
Sql injection
2013-07-18 12:48:00
nvd
nvd
CVE-2013-3412
2013-07-18 12:48:56
cisco
cisco
Cisco Unified Communications Manager Blind SQL Injection Vulnerability
2013-07-17 16:20:10
Multiple Vulnerabilities in Cisco Unified Communications Manager
2013-07-17 16:00:00
cvelist
cvelist
CVE-2013-3412
2013-07-18 00:00:00
securityvulns
securityvulns
Cisco Unified Communications Manager multiple security vulnerabilities
2013-07-19 00:00:00

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

8.1

Confidence

Low

EPSS

0.001

Percentile

45.3%

JSON
Related for CVE-2013-3412
prion1nvd1cisco2cvelist1securityvulns1