SQL Injection Vulnerability in Cisco Unified MeetingPlace
CVE-2012-0337

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Meetingplace
Vendor: CVE Published:; 2 May 2012

Summary

A SQL injection vulnerability exists in the web component of Cisco Unified MeetingPlace 7.1. This flaw allows remote authenticated users to execute arbitrary SQL commands by manipulating input parameters through unspecified vectors. Exploitation of this vulnerability could lead to unauthorized access to sensitive data within the database, potentially compromising the integrity and confidentiality of the information managed by the application.

References

http://www.cisco.com/en/US/docs/voice_ip_comm/meetingplac...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
May 2, 2012