Cisco Unified Communications Manager Flaw Let Attacker Launch SQL Injection Attacks

17 August 2023

An SQL injection vulnerability was discovered in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME). Cisco Unified CM is used for handling voice and video calls, whereas Cisco Unified CM SME is used for session routing intelligence. This SQL injection vulnerability allows an authenticated remote attacker to conduct SQL injection attacks on any affected system.

Source: GBHackers

Date:

17 August 2023

Categorie(s):

NEWS

Tag(s):

Attacks, Cyber Security News, Flaws, Launch, Let

Offensive Awakening: The 2024 Shift from Defensive to Proactive Security5 May 2024
End-to-end encryption may be the bane of cops, but they can’t close that Pandora’s Box5 May 2024
Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks5 May 2024
Navigating the Digital Age: AI’s Crucial Role in Cybersecurity Reinforcement5 May 2024
Dating apps kiss’n’tell all sorts of sensitive personal info4 May 2024