First published: Wed Jan 18 2023(Updated: )
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Unified Communications Manager Session Management Edition | ||
Cisco Unified Communications Manager Session Management Edition |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of cisco-sa-cucm-sql-rpPczR8n is classified as high due to the potential for SQL injection attacks.
To fix cisco-sa-cucm-sql-rpPczR8n, update to the latest version of Cisco Unified Communications Manager or apply the provided patches.
cisco-sa-cucm-sql-rpPczR8n affects Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition.
cisco-sa-cucm-sql-rpPczR8n allows authenticated remote attackers to conduct SQL injection attacks.
Yes, exploiting cisco-sa-cucm-sql-rpPczR8n requires authentication to the web-based management interface.