漏洞标题
思科统一通信产品漏洞
漏洞描述信息
思科统一通信产品漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
漏洞类别
N/A
漏洞标题
Cisco Unified Communications Products Vulnerabilities
漏洞描述信息
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that affects Unified CM IM&P also affects Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) and could allow an attacker to conduct SQL injection attacks on an affected system. For more information about these vulnerabilities, see the Details section of this advisory.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
漏洞类别
路径遍历:’…/…//’
漏洞标题
Cisco Unified Communications Manager SQL注入漏洞
漏洞描述信息
Cisco Unified Communications Manager(CUCM,Unified CM,CallManager)是美国思科(Cisco)公司的一款统一通信系统中的呼叫处理组件。该组件提供了一种可扩展、可分布和高可用的企业IP电话呼叫处理解决方案。 Cisco Unified Communications Manager IM & Presence Service 存在SQL注入漏洞,攻击者可利用该漏洞对受影响的系统进行路径遍历攻击和SQL注入攻击。
CVSS信息
N/A
漏洞类别
SQL注入