8.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
8.2 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
61.3%
SQL injection vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtg85647.
archives.neohapsis.com/archives/fulldisclosure/2011-05/0051.html
secunia.com/advisories/44331
www.cisco.com/en/US/products/products_security_advisory09186a0080b79904.shtml
www.securityfocus.com/bid/47605
www.securitytracker.com/id?1025449
www.vupen.com/english/advisories/2011/1122
exchange.xforce.ibmcloud.com/vulnerabilities/67125