Lucene search
CiscoCVE-2014-0728HistoryFeb 13, 2014 - 5:24 a.m.
CVE-2014-0728
2014-02-1305:24:51
CWE-89
cisco
web.nvd.nist.gov
23
cve-2014-0728
sql injection
cisco unified communications manager
ucm
remote attackers
arbitrary sql commands
crafted url
bug id cscum05313
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.6
Confidence
Low
EPSS
0.002
Percentile
57.1%
SQL injection vulnerability in the Java database interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05313.
Affected configurations
Node
ciscounified_communications_managerRange≤10.0\(1\)
ORciscounified_communications_managerMatch10.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unified_communications_manager | * | cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 10.0 | cpe:2.3:a:cisco:unified_communications_manager:10.0:*:*:*:*:*:*:* |
Related
prion
prion
Sql injection
2014-02-13 05:24:00
nvd
nvd
CVE-2014-0728
2014-02-13 05:24:51
cisco
cisco
cvelist
cvelist
CVE-2014-0728
2014-02-13 02:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.6
Confidence
Low
EPSS
0.002
Percentile
57.1%
Related for CVE-2014-0728