CVE-2014-0728

Publication date

2014-02-13 02:00:00

Family

cisco

State

PUBLISHED

Description

SQL injection vulnerability in the Java database interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05313.