CVE-2014-3339

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Communications Domain Manager; Unified Presence Server
Vendor: CVE Published:; 12 August 2014

Summary

Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to unspecified pages, aka Bug ID CSCup74290.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/69200

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/95250

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Aug 12, 2014
Vulnerability Reserved
May 7, 2014