SQL Injection Vulnerability in Cisco Unified MeetingPlace by Cisco
CVE-2015-4233

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Meetingplace
Vendor: CVE Published:; 2 July 2015

Summary

An SQL injection vulnerability exists in Cisco Unified MeetingPlace 8.6(1.2) that enables remote authenticated users to manipulate the database. This occurs through unspecified vectors, potentially allowing the execution of arbitrary SQL commands. Proper handling and sanitization of user input are essential to mitigate this risk.

References

http://www.securityfocus.com/bid/75500

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1032766

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Jul 2, 2015
Vulnerability Reserved
Jun 4, 2015