SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 prior to 5.1(3a) and 6.0/6.1 prior to 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco unified callmanager 5.0\\(3\\) |
||
cisco unified callmanager 5.0\\(3a\\) |
||
cisco unified communications manager 5.0_2 |
||
cisco unified communications manager 5.0_3 |
||
cisco unified communications manager 6.1 |
||
cisco unified callmanager 5.0\\(1\\) |
||
cisco unified callmanager 5.0\\(2\\) |
||
cisco unified communications manager 5.0 |
||
cisco unified communications manager 5.0_1 |
||
cisco unified communications manager 6.0 |
||
cisco unified communications manager 6.0_1 |
||
cisco unified callmanager 5.0 |
||
cisco unified callmanager 5.1 |
||
cisco unified callmanager 6.0 |
||
cisco unified communications manager 5.0_4a |
||
cisco unified communications manager 5.0_4a_su1 |
||
cisco unified callmanager 5.0\\(4\\) |
||
cisco unified callmanager 5.0_4a |
||
cisco unified communications manager 5.0_3a |
||
cisco unified communications manager 5.0_4 |