CVE-2014-3287

2014-06-1010:00:00

cisco

www.cve.org

AI Score

7.8

Confidence

Low

EPSS

0.001

Percentile

41.8%

JSON

SQL injection vulnerability in BulkViewFileContentsAction.java in the Java interface in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to execute arbitrary SQL commands via crafted filename parameters in a URL, aka Bug ID CSCuo17337.