CVE-2014-3326
CVE-2014-3326 affects Cisco Security Manager 4.5 and 4.6. The issue is an SQL injection in the web framework caused by insufficient controls on SQL statements, allowing an authenticated remote attacker to execute arbitrary SQL commands via unspecified vectors. The vulnerability can lead to exposu...