SQL Command Validation Flaw in Cisco Unified MeetingPlace Products
CVE-2010-0139

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Meetingplace
Vendor: CVE Published:; 28 January 2010

Summary

Cisco Unified MeetingPlace versions prior to 7.0(2.3) hotfix 5F, 6.0.639.2, and possibly version 5 suffer from improper SQL command validation. This vulnerability enables remote attackers to manipulate the database, including creating, modifying, or deleting data without authorization through unspecified methods. Organizations using affected versions must evaluate their systems and apply necessary updates to mitigate this risk.

References

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/37965

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 28, 2010