Lucene search
HistoryAug 12, 2014 - 11:55 p.m.
CVE-2014-3339
cve-2014-3339
sql injection
cisco
cm
cups
admin interface
vulnerability
nvd
bug id cscup74290
8.3 High
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
61.1%
Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to unspecified pages, aka Bug ID CSCup74290.
Affected configurations
Node
ciscounified_communications_domain_managerMatch-
ORciscounified_presence_server
Related
nvd
nvd
CVE-2014-3339
2014-08-12 23:55:03
prion
prion
Sql injection
2014-08-12 23:55:00
cisco
cisco
cvelist
cvelist
CVE-2014-3339
2014-08-12 23:00:00
8.3 High
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
61.1%
Related for CVE-2014-3339