CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3 matches found

seebug.org•added 2008/02/20 12:0 a.m.•33 views

Cisco Unified Communications Manager key参数SQL注入漏洞

BUGTRAQ ID: 27775 CVECAN ID: CVE-2008-0026 Cisco Unified Communications Manager（CUCM，之前被称为CallManager）是Cisco IP电话解决方案中的呼叫处理组件。 CUCM的管理员和用户界面页面的key参数存在SQL注入漏洞，远程攻击者可能利用此漏洞获取敏感信息。攻击者可以在管理员或用户界面页面的key参数中输入特制值触发SQL注入漏洞，可通过Web界面使用http或https协议来执行攻击，成功攻击可以终止SQL调用，强制到后端数据库的连接，导致泄露敏感信息，如用户名和口令哈希。 Cisco...

6.5CVSS6.8AI score0.00379EPSS

Exploits2

Prion•added 2007/08/09 9:17 p.m.•20 views

Code injection

Unspecified vulnerability in Cisco Unified Communications Manager CUCM 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102...

6.8CVSS7.9AI score0.03348EPSS

Exploits0References7Affected Software1

CVE•added 2007/04/03 12:0 a.m.•51 views

CVE-2007-1834

CVE-2007-1834 affects Cisco Unified CallManager (CUCM) 5.0 prior to 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 prior to 1.0(3). The vulnerability allows unauthenticated, remote attackers to cause a denial of service (loss of voice services) by sending a flood of ICMP echo requests. R...

7.8CVSS6.6AI score0.01365EPSS

Exploits0References6Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by