Sql injection

2014-07-2611:11:00

PRIOn knowledge base

www.prio-n.com

8.5 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

59.8%

JSON

SQL injection vulnerability in the web framework in Cisco Security Manager 4.5 and 4.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCup26957.

CPENameOperatorVersion
security_managereq4.6
security_managereq4.5

CPE	Name	Operator	Version
	security_manager	eq	4.6
	security_manager	eq	4.5

References

secunia.com/advisories/60455

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3326

tools.cisco.com/security/center/viewAlert.x?alertId=35029

www.securityfocus.com/bid/68877

www.securitytracker.com/id/1030639

exchange.xforce.ibmcloud.com/vulnerabilities/94841