Lucene search
CiscoCVE-2014-3339HistoryAug 12, 2014 - 11:55 p.m.
CVE-2014-3339
2014-08-1223:55:03
CWE-89
cisco
web.nvd.nist.gov
32
cve-2014-3339
sql injection
cisco
cm
cups
admin interface
vulnerability
nvd
bug id cscup74290
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.003
Percentile
69.8%
Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to unspecified pages, aka Bug ID CSCup74290.
Affected configurations
Node
ciscounified_communications_domain_managerMatch-
ORciscounified_presence_server
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unified_communications_domain_manager | - | cpe:2.3:a:cisco:unified_communications_domain_manager:-:*:*:*:*:*:*:* |
| cisco | unified_presence_server | * | cpe:2.3:a:cisco:unified_presence_server:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2014-3339
2014-08-12 23:55:03
cvelist
cvelist
CVE-2014-3339
2014-08-12 23:00:00
cisco
cisco
prion
prion
Sql injection
2014-08-12 23:55:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.003
Percentile
69.8%
Related for CVE-2014-3339