CVE-2008-0026
14.02.2008, 12:00
SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages.
SQL Injection
Vendor | Product | Version |
---|---|---|
cisco | unified_callmanager | 5.0 |
cisco | unified_callmanager | 5.0\(1\) |
cisco | unified_callmanager | 5.0\(2\) |
cisco | unified_callmanager | 5.0\(3\) |
cisco | unified_callmanager | 5.0\(3a\) |
cisco | unified_callmanager | 5.0\(4\) |
cisco | unified_callmanager | 5.0_4a |
cisco | unified_callmanager | 5.1 |
cisco | unified_callmanager | 6.0 |
cisco | unified_communications_manager | 5.0 |
cisco | unified_communications_manager | 5.0_1 |
cisco | unified_communications_manager | 5.0_2 |
cisco | unified_communications_manager | 5.0_3 |
cisco | unified_communications_manager | 5.0_3a |
cisco | unified_communications_manager | 5.0_4 |
cisco | unified_communications_manager | 5.0_4a |
cisco | unified_communications_manager | 5.0_4a_su1 |
cisco | unified_communications_manager | 6.0 |
cisco | unified_communications_manager | 6.0_1 |
cisco | unified_communications_manager | 6.1 |
𝑥
= Vulnerable software versions
References