Executive Summary
Summary | |
---|---|
Title | SQL injection in Cisco Unified Communications Manager |
Informations | |||
---|---|---|---|
Name | cisco-sa-20080213-cucmsql | First vendor Publication | 2007-12-07 |
Vendor | Cisco | Last vendor Modification | 2008-02-13 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Cisco Unified Communications Manager is vulnerable to a SQL Injection attack in the parameter key of the admin and user interface pages. A successful attack could allow an authenticated attacker to access information such as usernames and password hashes that are stored in the database. Cisco has released free software updates that address this vulnerability. Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-0026 leavingcisco.com has been assigned to this vulnerability. |
Original Source
Url : http://www.cisco.com/en/US/products/products_security_advisory09186a008094 (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') (CWE/SANS Top 25) |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
41561 | Cisco Unified Callmanager / Communications Manager Multiple Page key Paramete... Cisco Unified Call Manager contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the multiple scripts not properly sanitizing user-supplied input to the 'key' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |