Lucene search

[email protected]CVE-2013-5517

HistoryOct 02, 2013 - 10:55 p.m.

CVE-2013-5517

2013-10-0222:55:23

CWE-89

[email protected]

web.nvd.nist.gov

cve-2013-5517

sql injection

cisco

unified communications domain manager

vulnerability

nvd

bug id cscuh96567

5.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:P/A:P

8.1 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.4%

JSON

SQL injection vulnerability in the web framework in Cisco Unified Communications Domain Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh96567.

Affected configurations

NVD

Node

ciscounified_communications_domain_managerMatch-

CPENameOperatorVersion
cisco:unified_communications_domain_managercisco unified communications domain managereq-

CPE	Name	Operator	Version
cisco:unified_communications_domain_manager	cisco unified communications domain manager	eq	-

References

osvdb.org/98019

secunia.com/advisories/54847

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5517

tools.cisco.com/security/center/viewAlert.x?alertId=31073

www.securityfocus.com/bid/62746

5.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:P/A:P

8.1 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.4%

JSON

Related for CVE-2013-5517

nvd1 prion1 cvelist1 cisco1