Vulnerability Description
SQL injection vulnerability in the web component in Cisco Unified MeetingPlace 7.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtx08939.
CVSS Score
6.5
MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Meetingplace | 7.1 |
Related Weaknesses (CWE)
References
- http://www.cisco.com/en/US/docs/voice_ip_comm/meetingplace/7_1/english/release_n
- http://www.cisco.com/en/US/docs/voice_ip_comm/meetingplace/7_1/english/release_n
FAQ
What is CVE-2012-0337?
CVE-2012-0337 is a vulnerability with a CVSS score of 6.5 (MEDIUM). SQL injection vulnerability in the web component in Cisco Unified MeetingPlace 7.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtx08939.
How severe is CVE-2012-0337?
CVE-2012-0337 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-0337?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Meetingplace.