Executive Summary



This alert is flagged as belonging to the CWE/SANS Top 25 Common Weakness Enumeration.
Summary
Title: SQL injection in Cisco Unified Communications Manager
Information
Name: cisco-sa-20080213-cucmsql
First vendor publication: 2007-12-07
Vendor: Cisco
Last vendor modification: 2008-02-13
Severity (Vendor): N/A
Revision: 1.0

Security-Database Scoring CVSS v3

CVSS vector: N/A
Overall CVSS Score: NA
Base Score: NA
Environmental Score: NA
Impact Sub Score: NA
Temporal Score: NA
Exploitability Sub Score: NA

Security-Database Scoring CVSS v2

CVSS vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVSS Base Score: 6.5
CVSS Impact Score: 6.4
CVSS Exploit Score: 8
Attack Range: Network
Attack Complexity: Low
Authentication: Requires single instance

Detail

Cisco Unified Communications Manager is vulnerable to a SQL injection attack in the 'key' parameter of the admin and user interface pages. A successful attack could allow an authenticated attacker to access information such as usernames and password hashes that are stored in the database.

Cisco has released free software updates that address this vulnerability.

Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-0026 has been assigned to this vulnerability.

Original Source

Url : http://www.cisco.com/en/US/products/products_security_advisory09186a008094 (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

Type Description Count
Application 9
Application 11

Open Source Vulnerability Database (OSVDB)

Id Description
41561 Cisco Unified Callmanager / Communications Manager Multiple Page key Paramete...

Cisco Unified Call Manager contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to multiple scripts not properly sanitizing user-supplied input to the 'key' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.