CVE-2008-0026
published 2008-02-14CVE-2008-0026: SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote…
medium6.5CVSS 3.1
AVNACLAuSCPIPAP
EXPLOIT
SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | unified_callmanager | — | — |
| cisco | unified_callmanager | — | — |
| cisco | unified_callmanager | — | — |
| cisco | unified_callmanager | — | — |
| cisco | unified_callmanager | — | — |
| cisco | unified_callmanager | — | — |
| cisco | unified_callmanager | — | — |
| cisco | unified_callmanager | — | — |
| cisco | unified_callmanager | — | — |
| cisco | unified_communications_manager | — | — |
| cisco | unified_communications_manager | — | — |
| cisco | unified_communications_manager | — | — |
| cisco | unified_communications_manager | — | — |
| cisco | unified_communications_manager | — | — |
| cisco | unified_communications_manager | — | — |
| cisco | unified_communications_manager | — | — |
| cisco | unified_communications_manager | — | — |
| cisco | unified_communications_manager | — | — |
| cisco | unified_communications_manager | — | — |
| cisco | unified_communications_manager | — | — |
| cisco | unified_communications_manager | — | — |