SQL Injection Vulnerability in BulkViewFileContentsAction.java in Cisco Unified Communications Manager
CVE-2014-3287 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
SQL injection vulnerability in BulkViewFileContentsAction.java in the Java interface in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to execute arbitrary SQL commands via crafted filename parameters in a URL, aka Bug ID CSCuo17337.
Learn more about our Cis Benchmark Audit For Cisco.