2 matches found
CVE-2018-0120
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct an SQL injection attack against an affected system. The vulnerability exists because the affected software fails to validate user-supplied input in certain SQL...
CVE-2018-0120
CVE-2018-0120 affects Cisco Unified Communications Manager (CUCM) web framework. The vulnerability arises from inadequate validation of user-supplied input in certain SQL queries, enabling an authenticated, remote attacker to perform SQL injection via crafted HTTP requests. Successful exploitatio...