EUVD-2021-29340

Malicious code in bioql PyPI...

Cisco Unified Communications Manager SQL Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This...

Sql injection

Imagicle Application Suite for Cisco UC before 2021.Summer.2 allows SQL injection. A low-privileged user could inject a SQL statement through the "Export to CSV" feature of the Contact Manager web GUI...

CVE-2021-42369

CVE-2021-42369 affects Imagicle Application Suite (for Cisco UC). The vulnerability is a SQL injection in the Contact Manager web GUI exposed via the Export to CSV feature, allowing a low-privileged user to inject SQL statements. Technical details across sources indicate affected versions are pri...

CVE-2021-42369

Imagicle Application Suite for Cisco UC before 2021.Summer.2 allows SQL injection. A low-privileged user could inject a SQL statement through the "Export to CSV" feature of the Contact Manager web GUI...

Bugs Lurking in Cisco UC Provisioning Platform

The Akkadian Provisioning Manager, which is used as a third-party provisioning tool within Cisco Unified Communications environments, has three high-severity security vulnerabilities that can be chained together to enable remote code execution RCE with elevated privileges, researchers said. They...

Information disclosure

Cisco Unified Communications Domain Manager 8.14 allows remote authenticated users to obtain sensitive information via a file-inclusion attack, aka Bug ID CSCup94744...