Cisco: >> Unified Meetingplace >> 6.0.170.0 Security Vulnerabilities
Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.2, and possibly 5 does not properly validate SQL commands, which allows remote attackers to create, modify, or delete data in a database via unspecified vectors, aka Bug ID CSCtc39691.
CVSS Score
9.0
EPSS Score
0.006
Published
2010-01-28
MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote attackers to discover usernames, passwords, and unspecified other data from the user database via a modified authentication sequence to the Audio Server, aka Bug ID CSCsv76935.
CVSS Score
6.4
EPSS Score
0.003
Published
2010-01-28