CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-4634

Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to execute arbitrary SQL commands via the lang variable to the (1) user or (2) admin logon page, aka CSCsi64265.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.026

EPSS Ranking 84.8%

CVSS Severity

CVSS v2 Score 9.3

References

Products affected by CVE-2007-4634

Cisco » Unified Communications Manager » Version: 3.3(5)

cpe:2.3:a:cisco:unified_communications_manager:3.3(5)
Cisco » Unified Communications Manager » Version: 3.3(5)sr1

cpe:2.3:a:cisco:unified_communications_manager:3.3(5)sr1
Cisco » Unified Communications Manager » Version: 3.3(5)sr2a

cpe:2.3:a:cisco:unified_communications_manager:3.3(5)sr2a
Cisco » Unified Communications Manager » Version: 4.1(3)

cpe:2.3:a:cisco:unified_communications_manager:4.1(3)
Cisco » Unified Communications Manager » Version: 4.1(3)sr1

cpe:2.3:a:cisco:unified_communications_manager:4.1(3)sr1
Cisco » Unified Communications Manager » Version: 4.1(3)sr2

cpe:2.3:a:cisco:unified_communications_manager:4.1(3)sr2
Cisco » Unified Communications Manager » Version: 4.1(3)sr3

cpe:2.3:a:cisco:unified_communications_manager:4.1(3)sr3
Cisco » Unified Communications Manager » Version: 4.1(3)sr4

cpe:2.3:a:cisco:unified_communications_manager:4.1(3)sr4
Cisco » Unified Communications Manager » Version: 4.2

cpe:2.3:a:cisco:unified_communications_manager:4.2
Cisco » Unified Communications Manager » Version: 4.2.1

cpe:2.3:a:cisco:unified_communications_manager:4.2.1
Cisco » Unified Communications Manager » Version: 4.2.2

cpe:2.3:a:cisco:unified_communications_manager:4.2.2
Cisco » Unified Communications Manager » Version: 4.2.3

cpe:2.3:a:cisco:unified_communications_manager:4.2.3
Cisco » Unified Communications Manager » Version: 4.2.3sr1

cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr1
Cisco » Unified Communications Manager » Version: 4.3

cpe:2.3:a:cisco:unified_communications_manager:4.3
Cisco » Unified Communications Manager » Version: 4.3(1)

cpe:2.3:a:cisco:unified_communications_manager:4.3(1)
Cisco » Call Manager » Version: 3.3(5)sr1

cpe:2.3:h:cisco:call_manager:3.3(5)sr1
Cisco » Call Manager » Version: 3.3(5)sr2

cpe:2.3:h:cisco:call_manager:3.3(5)sr2
Cisco » Call Manager » Version: 3.3(5)sr2a

cpe:2.3:h:cisco:call_manager:3.3(5)sr2a
Cisco » Call Manager » Version: 4.1

cpe:2.3:h:cisco:call_manager:4.1
Cisco » Call Manager » Version: 4.1(3)sr1

cpe:2.3:h:cisco:call_manager:4.1(3)sr1
Cisco » Call Manager » Version: 4.1(3)sr2

cpe:2.3:h:cisco:call_manager:4.1(3)sr2
Cisco » Call Manager » Version: 4.1(3)sr3

cpe:2.3:h:cisco:call_manager:4.1(3)sr3
Cisco » Call Manager » Version: 4.1(3)sr4

cpe:2.3:h:cisco:call_manager:4.1(3)sr4
Cisco » Call Manager » Version: 4.2

cpe:2.3:h:cisco:call_manager:4.2
Cisco » Call Manager » Version: 4.2(1)

cpe:2.3:h:cisco:call_manager:4.2(1)
Cisco » Call Manager » Version: 4.2(2)

cpe:2.3:h:cisco:call_manager:4.2(2)
Cisco » Call Manager » Version: 4.2(3)

cpe:2.3:h:cisco:call_manager:4.2(3)
Cisco » Call Manager » Version: 4.2(3)sr1

cpe:2.3:h:cisco:call_manager:4.2(3)sr1
Cisco » Call Manager » Version: 4.2(3)sr2

cpe:2.3:h:cisco:call_manager:4.2(3)sr2
Cisco » Call Manager » Version: 4.3

cpe:2.3:h:cisco:call_manager:4.3
Cisco » Call Manager » Version: 4.3(1)

cpe:2.3:h:cisco:call_manager:4.3(1)

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-4634

Products

Pricing

Contact Us