SQL injection vulnerability in the Certificate Authority Proxy Function (CAPF) implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and previous versions allows remote malicious users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum46483.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco unified communications manager 3.3\\(5\\)sr1 |
||
cisco unified communications manager 3.3\\(5\\)sr2a |
||
cisco unified communications manager 4.1\\(3\\) |
||
cisco unified communications manager 4.1\\(3\\)sr1 |
||
cisco unified communications manager 4.2.1 |
||
cisco unified communications manager 4.2.2 |
||
cisco unified communications manager 4.2.3 |
||
cisco unified communications manager 4.2.3sr1 |
||
cisco unified communications manager |
||
cisco unified communications manager 4.1\\(3\\)sr3 |
||
cisco unified communications manager 4.2 |
||
cisco unified communications manager 4.2.3sr2 |
||
cisco unified communications manager 4.3 |
||
cisco unified communications manager 10.0 |
||
cisco unified communications manager 3.3\\(5\\) |
||
cisco unified communications manager 4.1\\(3\\)sr2 |
||
cisco unified communications manager 4.1\\(3\\)sr4 |
||
cisco unified communications manager 4.2.3sr2b |