Bugtraq ID:65645
CVE ID:CVE-2014-0734
Cisco Unified Communications Manager是一款Cisco IP电话解决方案中的呼叫处理组件。
Cisco Unified Communications Manager证书授权代理功能(Certificate Authority Proxy Function)不正确过滤用户提交的输入,允许远程攻击者利用漏洞提交特制的SQL查询,可操作或获取数据库数据。
0
Cisco Unified Communications Manager 10.0(1.10000.3)
厂商补丁:
Cisco
-----
Cisco Unified Communications Manager 10.5(0.98000.391)或10.5(0.98000.223)已经修复该漏洞,建议用户下载更新:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/index.html
暂无评论