SQL Injection Vulnerability in Cisco Unified Communications Manager (CUCM) Versions 7.1(x) through 9.1(1a)

SQL Injection Vulnerability in Cisco Unified Communications Manager (CUCM) Versions 7.1(x) through 9.1(1a)

CVE-2013-3404 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051.

Learn more about our Cis Benchmark Audit For Cisco.