Lucene search
CiscoCVE-2014-0727HistoryFeb 13, 2014 - 5:24 a.m.
CVE-2014-0727
2014-02-1305:24:51
CWE-89
cisco
web.nvd.nist.gov
33
cve-2014-0727
sql injection
cisco
ucm
cmivr
vulnerability
nvd
bug id
cscum05318
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.002
Percentile
57.1%
SQL injection vulnerability in the CallManager Interactive Voice Response (CMIVR) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05318.
Affected configurations
Node
ciscounified_communications_manager
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unified_communications_manager | * | cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* |
Related
prion
prion
Sql injection
2014-02-13 05:24:00
cisco
cisco
Cisco Unified Communications Manager CMIVR Blind SQL Injection Vulnerability
2014-02-12 20:01:18
cvelist
cvelist
CVE-2014-0727
2014-02-13 02:00:00
nvd
nvd
CVE-2014-0727
2014-02-13 05:24:51
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.002
Percentile
57.1%
Related for CVE-2014-0727