CVE-2016-1308SQL Injection in Samsung X14j Firmware

CWE-89SQL Injection4 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
0.2%
top 59.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Samsung X14j Firmware
Timeline
PublishedFeb 7
Latest updateMay 17

Description

SQL injection vulnerability in Cisco Unified Communications Manager 10.5(2.13900.9) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCux99227.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

NVDsamsung/x14j_firmwaret-ms14jakucb-1102.5

🔴Vulnerability Details

2
GHSA
GHSA-84q9-v8h8-5g85: SQL injection vulnerability in Cisco Unified Communications Manager 102022-05-17
CVEList
CVE-2016-1308: SQL injection vulnerability in Cisco Unified Communications Manager 102016-02-07

📋Vendor Advisories

1
Cisco
Cisco Unified Communications Manager SQL Injection Vulnerability2016-02-03
CVE-2016-1308 — SQL Injection in Samsung X14j Firmware | cvebase