CVE-2014-3326
SQL injection vulnerability in the web framework in Cisco Security Manager 4.5 and 4.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCup26957.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0056 (0.6%)
Percentile: 68.4%
EPSS: 2026-05-06
Affects
cisco:security_managerTechnical description
SQL injection vulnerability in the web framework in Cisco Security Manager 4.5 and 4.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCup26957.
Published: 7/26/2014, 11:11:57 AM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://secunia.com/advisories/60455
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3326
- http://tools.cisco.com/security/center/viewAlert.x?alertId=35029
- http://www.securityfocus.com/bid/68877
- http://www.securitytracker.com/id/1030639
- https://exchange.xforce.ibmcloud.com/vulnerabilities/94841
- http://secunia.com/advisories/60455
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3326