SQL Injection Vulnerability in Cisco Unified Communications Manager IM and Presence Service
CVE-2015-4222

Currently unrated

Key Information:

Vendor
Cisco
Status
Unified Communications Manager Im And Presence Service
Vendor
CVE Published:
26 June 2015

Summary

A SQL injection vulnerability exists in Cisco Unified Communications Manager IM and Presence Service version 9.1(1). This issue enables remote authenticated users to execute arbitrary SQL commands via unspecified vectors, potentially leading to unauthorized data access or manipulation. Organizations utilizing this service should review their security measures and apply necessary patches to mitigate potential exploitation.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...
vendor-advisoryx_refsource_CISCO
http://www.securityfocus.com/bid/75400
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1032716
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.