CVE-2007-4634
CVE Descriptions
CVE Informations
Related Weaknesses
| Weakness Name | Source | |
|---|---|---|
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 9.3 | AV:N/AC:M/Au:N/C:C/I:C/A:C | [email protected] |
EPSS
EPSS Score
EPSS Percentile
Exploit information
Exploit Database EDB-ID : 30541
Publication date : 2007-08-28 22h00 +00:00
Author : anonymous
EDB Verified : Yes
Products Mentioned
Configuraton 0
Cisco>>Unified_communications_manager >> Version 3.3\(5\)
- Cisco>>Unified_communications_manager >> Version 3.3\(5\) (Open CPE detail)
Cisco>>Unified_communications_manager >> Version 3.3\(5\)sr1
- Cisco>>Unified_communications_manager >> Version 3.3\(5\)sr1 (Open CPE detail)
Cisco>>Unified_communications_manager >> Version 3.3\(5\)sr2a
- Cisco>>Unified_communications_manager >> Version 3.3\(5\)sr2a (Open CPE detail)
Cisco>>Unified_communications_manager >> Version 4.1\(3\)
- Cisco>>Unified_communications_manager >> Version 4.1\(3\) (Open CPE detail)
Cisco>>Unified_communications_manager >> Version 4.1\(3\)sr1
- Cisco>>Unified_communications_manager >> Version 4.1\(3\)sr1 (Open CPE detail)
Cisco>>Unified_communications_manager >> Version 4.1\(3\)sr2
- Cisco>>Unified_communications_manager >> Version 4.1\(3\)sr2 (Open CPE detail)
Cisco>>Unified_communications_manager >> Version 4.1\(3\)sr3
- Cisco>>Unified_communications_manager >> Version 4.1\(3\)sr3 (Open CPE detail)
Cisco>>Unified_communications_manager >> Version 4.1\(3\)sr4
- Cisco>>Unified_communications_manager >> Version 4.1\(3\)sr4 (Open CPE detail)
Cisco>>Unified_communications_manager >> Version 4.2
- Cisco>>Unified_communications_manager >> Version 4.2 (Open CPE detail)
Cisco>>Unified_communications_manager >> Version 4.2.1
- Cisco>>Unified_communications_manager >> Version 4.2.1 (Open CPE detail)
Cisco>>Unified_communications_manager >> Version 4.2.2
- Cisco>>Unified_communications_manager >> Version 4.2.2 (Open CPE detail)
Cisco>>Unified_communications_manager >> Version 4.2.3
- Cisco>>Unified_communications_manager >> Version 4.2.3 (Open CPE detail)
Cisco>>Unified_communications_manager >> Version 4.2.3sr1
- Cisco>>Unified_communications_manager >> Version 4.2.3sr1 (Open CPE detail)
Cisco>>Unified_communications_manager >> Version 4.3
- Cisco>>Unified_communications_manager >> Version 4.3 (Open CPE detail)
Cisco>>Unified_communications_manager >> Version 4.3\(1\)
- Cisco>>Unified_communications_manager >> Version 4.3\(1\) (Open CPE detail)
Cisco>>Call_manager >> Version 3.3\(5\)sr1
- Cisco>>Call_manager >> Version 3.3\(5\)sr1 (Open CPE detail)
Cisco>>Call_manager >> Version 3.3\(5\)sr2
- Cisco>>Call_manager >> Version 3.3\(5\)sr2 (Open CPE detail)
Cisco>>Call_manager >> Version 3.3\(5\)sr2a
- Cisco>>Call_manager >> Version 3.3\(5\)sr2a (Open CPE detail)
Cisco>>Call_manager >> Version 4.1
- Cisco>>Call_manager >> Version 4.1 (Open CPE detail)
Cisco>>Call_manager >> Version 4.1\(3\)sr1
- Cisco>>Call_manager >> Version 4.1\(3\)sr1 (Open CPE detail)
Cisco>>Call_manager >> Version 4.1\(3\)sr2
- Cisco>>Call_manager >> Version 4.1\(3\)sr2 (Open CPE detail)
Cisco>>Call_manager >> Version 4.1\(3\)sr3
- Cisco>>Call_manager >> Version 4.1\(3\)sr3 (Open CPE detail)
Cisco>>Call_manager >> Version 4.1\(3\)sr4
- Cisco>>Call_manager >> Version 4.1\(3\)sr4 (Open CPE detail)
Cisco>>Call_manager >> Version 4.2
- Cisco>>Call_manager >> Version 4.2 (Open CPE detail)
Cisco>>Call_manager >> Version 4.2\(1\)
- Cisco>>Call_manager >> Version 4.2\(1\) (Open CPE detail)
Cisco>>Call_manager >> Version 4.2\(2\)
- Cisco>>Call_manager >> Version 4.2\(2\) (Open CPE detail)
Cisco>>Call_manager >> Version 4.2\(3\)
- Cisco>>Call_manager >> Version 4.2\(3\) (Open CPE detail)
Cisco>>Call_manager >> Version 4.2\(3\)sr1
- Cisco>>Call_manager >> Version 4.2\(3\)sr1 (Open CPE detail)
Cisco>>Call_manager >> Version 4.2\(3\)sr2
- Cisco>>Call_manager >> Version 4.2\(3\)sr2 (Open CPE detail)
Cisco>>Call_manager >> Version 4.3
- Cisco>>Call_manager >> Version 4.3 (Open CPE detail)
Cisco>>Call_manager >> Version 4.3\(1\)
- Cisco>>Call_manager >> Version 4.3\(1\) (Open CPE detail)
References
Tags : vendor-advisory, x_refsource_CISCO
