CVE-2014-3326
SQL injection vulnerability in the web framework in Cisco Security Manager 4.5 and 4.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCup26957.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0056 (0.6%)
Percentil: 68.4%
EPSS: 2026-05-06
Afecta
cisco:security_managerDescripción técnica
SQL injection vulnerability in the web framework in Cisco Security Manager 4.5 and 4.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCup26957.
Publicada: 26/7/2014, 11:11:57
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://secunia.com/advisories/60455
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3326
- http://tools.cisco.com/security/center/viewAlert.x?alertId=35029
- http://www.securityfocus.com/bid/68877
- http://www.securitytracker.com/id/1030639
- https://exchange.xforce.ibmcloud.com/vulnerabilities/94841
- http://secunia.com/advisories/60455
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3326