Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2013-3404
HistoryJul 18, 2013 - 12:48 p.m.

CVE-2013-3404

2013-07-1812:48:56
CWE-89
[email protected]
web.nvd.nist.gov
5

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

Low

EPSS

0.001

Percentile

50.7%

JSON

SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051.

Affected configurations

Nvd
Node
ciscounified_communications_managerMatch7.1\(2a\)
OR
ciscounified_communications_managerMatch7.1\(2a\)su1
OR
ciscounified_communications_managerMatch7.1\(2b\)
OR
ciscounified_communications_managerMatch7.1\(2b\)su1
OR
ciscounified_communications_managerMatch7.1\(3\)
OR
ciscounified_communications_managerMatch7.1\(3a\)
OR
ciscounified_communications_managerMatch7.1\(3a\)su1
OR
ciscounified_communications_managerMatch7.1\(3a\)su1a
OR
ciscounified_communications_managerMatch7.1\(3b\)
OR
ciscounified_communications_managerMatch7.1\(3b\)su1
OR
ciscounified_communications_managerMatch7.1\(3b\)su2
OR
ciscounified_communications_managerMatch7.1\(5\)
OR
ciscounified_communications_managerMatch7.1\(5\)su1
OR
ciscounified_communications_managerMatch7.1\(5\)su1a
OR
ciscounified_communications_managerMatch7.1\(5a\)
OR
ciscounified_communications_managerMatch7.1\(5b\)
OR
ciscounified_communications_managerMatch7.1\(5b\)su1
OR
ciscounified_communications_managerMatch7.1\(5b\)su1a
OR
ciscounified_communications_managerMatch7.1\(5b\)su2
OR
ciscounified_communications_managerMatch7.1\(5b\)su3
OR
ciscounified_communications_managerMatch7.1\(5b\)su4
OR
ciscounified_communications_managerMatch7.1\(5b\)su5
OR
ciscounified_communications_managerMatch7.1\(5b\)su6
Node
ciscounified_communications_managerMatch8.0
OR
ciscounified_communications_managerMatch8.0\(1\)
OR
ciscounified_communications_managerMatch8.0\(2\)
OR
ciscounified_communications_managerMatch8.0\(2a\)
OR
ciscounified_communications_managerMatch8.0\(2b\)
OR
ciscounified_communications_managerMatch8.0\(2c\)
OR
ciscounified_communications_managerMatch8.0\(2c\)su1
OR
ciscounified_communications_managerMatch8.0\(3\)
OR
ciscounified_communications_managerMatch8.0\(3a\)
OR
ciscounified_communications_managerMatch8.0\(3a\)su1
OR
ciscounified_communications_managerMatch8.0\(3a\)su2
OR
ciscounified_communications_managerMatch8.0\(3a\)su3
Node
ciscounified_communications_managerMatch8.5
OR
ciscounified_communications_managerMatch8.5\(1\)
OR
ciscounified_communications_managerMatch8.5\(1\)su1
OR
ciscounified_communications_managerMatch8.5\(1\)su2
OR
ciscounified_communications_managerMatch8.5\(1\)su3
OR
ciscounified_communications_managerMatch8.5\(1\)su4
OR
ciscounified_communications_managerMatch8.5\(1\)su5
Node
ciscounified_communications_managerMatch8.6
OR
ciscounified_communications_managerMatch8.6\(1\)
OR
ciscounified_communications_managerMatch8.6\(1a\)
OR
ciscounified_communications_managerMatch8.6\(2\)
OR
ciscounified_communications_managerMatch8.6\(2a\)
OR
ciscounified_communications_managerMatch8.6\(2a\)su1
OR
ciscounified_communications_managerMatch8.6\(2a\)su2
OR
ciscounified_communications_managerMatch8.6\(2a\)su3
OR
ciscounified_communications_managerMatch8.6\(3\)
OR
ciscounified_communications_managerMatch8.6\(4\)
Node
ciscounified_communications_managerMatch9.0\(1\)
OR
ciscounified_communications_managerMatch9.1\(1\)
OR
ciscounified_communications_managerMatch9.1\(1a\)
OR
ciscounified_communications_managerMatch9.1.1\(a\)

Related

prion 1
cve 1
cisco 2
cvelist 1
securityvulns 1
prion
prion
Sql injection
2013-07-18 12:48:00
cve
cve
CVE-2013-3404
2013-07-18 12:48:56
cisco
cisco
Cisco Unified Communications Manager Remote Blind SQL Injection Vulnerability
2013-07-17 16:07:58
Multiple Vulnerabilities in Cisco Unified Communications Manager
2013-07-17 16:00:00
cvelist
cvelist
CVE-2013-3404
2013-07-18 00:00:00
securityvulns
securityvulns
Cisco Unified Communications Manager multiple security vulnerabilities
2013-07-19 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

Low

EPSS

0.001

Percentile

50.7%

JSON
Related for NVD:CVE-2013-3404
prion1cve1cisco2cvelist1securityvulns1