cbcvebase.
CVE-2014-0728
published 2014-02-13

CVE-2014-0728: SQL injection vulnerability in the Java database interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute…

high7.5CVSS 3.1
AVNACLAuNCPIPAP
SQL injection vulnerability in the Java database interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05313.

Affected

2 ranges
VendorProductVersion rangeFixed in
ciscounified_communications_manager<= 10.0\(1\)
ciscounified_communications_manager