CVE-2008-0026 in Unified CallManagerinfo

Summary

SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

12/17/2007

Disclosure

02/14/2008

Moderation

VulDB entry created

Entries

1: VDB-41055

CPE

ready

CWE

CWE-89 (Confirmed)

Exploit

Download

CVSS

6.3

EPSS

0.00355

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-0026
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-0026
CVE Details	https://www.cvedetails.com/cve/CVE-2008-0026/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!