CVE-2014-3287
SQL injection vulnerability in BulkViewFileContentsAction.java in the Java interface in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to execute arbitrary SQL commands via crafted filename parameters in a URL, aka Bug ID CSCuo17337.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0024 (0.2%)
Percentil: 47.3%
EPSS: 2026-05-06
Afecta
cisco:unified_communications_managerDescripción técnica
SQL injection vulnerability in BulkViewFileContentsAction.java in the Java interface in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to execute arbitrary SQL commands via crafted filename parameters in a URL, aka Bug ID CSCuo17337.
Publicada: 10/6/2014, 11:19:35
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3287
- http://www.securityfocus.com/bid/68000
- http://www.securitytracker.com/id/1030411
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3287
- http://www.securityfocus.com/bid/68000
- http://www.securitytracker.com/id/1030411