Cisco Security Manager Remote Code Execution Vulnerability

Last Update Date: 29 Jul 2014 12:33 Release Date: 29 Jul 2014 3763 Views

RISK: Medium Risk

Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

A vulnerability was identified in Cisco Security Manager. A remote user can inject SQL commands.

The web framework code does not properly validate user-supplied input. A remote user can supply a specially crafted parameter value to execute SQL commands on the underlying database.

 

Note: No patch is currently available.

Impact

  • Remote Code Execution

System / Technologies affected

  • Versions 4.5(0) and 4.6(0)FCS1

Solutions

  • Note: No patch is currently available.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Apple QuickTime Remote Code Execution Vulnerability

28 Jul 2014 3842 Views

Next

Cisco WebEx Meetings Server Multiple Vulnerabilities

29 Jul 2014 4047 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY