|
|
Cisco CallManager/Communications Manager SQL Injection and Cross-Site Scripting Vulnerabilities
|
Bugtraq ID:
|
25480
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Aug 29 2007 12:00AM
|
|
Updated:
|
Sep 04 2007 10:51PM
|
|
Credit:
|
The vendor disclosed these issues.
|
|
Vulnerable:
|
Cisco Unified Communications Manager 4.2(3)sr.2
Cisco Unified Communications Manager 4.2 (3)SR2b
Cisco Unified CallManager 4.2(3)SR1
Cisco Unified CallManager 4.2
Cisco Unified CallManager 4.1(3)SR4
Cisco Unified CallManager 4.1(3)sr.5
Cisco Unified CallManager 4.1 (3)SR5b
Cisco Unified CallManager 4.1
Cisco Unified CallManager 4.0
Cisco Unified CallManager 3.3(5)sr3
Cisco Unified CallManager 3.3(5)sr3
Cisco Unified CallManager 3.3(5)SR2a
Cisco Unified CallManager 3.3(5)SR2a
Cisco Unified CallManager 3.3
|
|
|
|
Not Vulnerable:
|
Cisco Unified Communications Manager 4.3(1)sr.1
Cisco Unified CallManager 4.2(3)sr2
Cisco Unified CallManager 4.1(3)sr5
Cisco Unified CallManager 3.3(5)sr2b
|
|
|
