3 matches found
CVE-2013-3404
SQL injection vulnerability in Cisco Unified Communications Manager CUCM 7.1x through 9.11a allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051...
CVE-2013-3404
SQL injection vulnerability in Cisco Unified Communications Manager CUCM 7.1x through 9.11a allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051...
CVE-2013-3404
Cisco CUCM (7.1.x–9.1(1a)) is affected by a remote SQL injection vulnerability that allows an unauthenticated attacker to run arbitrary SQL via unspecified vectors and, via metadata, potentially reconstruct encrypted credentials. Exploitation can enable credential discovery and, in combination wi...