Published: 13/06/2017 Updated: 08/07/2017

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 4.9 | Impact Score: 3.6 | Exploitability Score: 1.2

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Subscribe to Unified Communications Domain Manager

Vulnerabilities in the web-based GUI of Cisco Unified Communications Domain Manager (CUCDM) could allow an authenticated, remote malicious user to impact the confidentiality of the system by executing arbitrary SQL queries, aka SQL Injection. More Information: CSCvc52784 CSCvc97648. Known Affected Releases: 8.1(7)ER1.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco unified communications domain manager 8.1\\(7\\)er1

Vulnerabilities in the web-based GUI of Cisco Unified Communications Domain Manager (CUCDM) could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries The vulnerabilities are due to insufficient validation of user-supplied input in HTTP request parameters An attacker could exploit ...

CWE-89 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-cucm2 http://www.securityfocus.com/bid/98947 http://www.securitytracker.com/id/1038632 https://nvd.nist.gov https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-cucm2

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-6668

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect