CVE-2011-1610

Current Description

Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5)su4, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1)su1 allow remote attackers to execute arbitrary SQL commands via the (1) f, (2) l, or (3) n parameter, aka Bug ID CSCtj42064.

Basic Data

PublishedMay 03, 2011
Last ModifiedOctober 09, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-89
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:P/I:P/A:N
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactNONE
CVSS 2 - Base Score6.4
SeverityMEDIUM
Exploitability Score10.0
Impact Score4.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationCiscoUnified Communications Manager6.0*******
    2.3ApplicationCiscoUnified Communications Manager6.1(1)*******
    2.3ApplicationCiscoUnified Communications Manager6.1(1a)*******
    2.3ApplicationCiscoUnified Communications Manager6.1(1b)*******
    2.3ApplicationCiscoUnified Communications Manager6.1(2)*******
    2.3ApplicationCiscoUnified Communications Manager6.1(2)su1*******
    2.3ApplicationCiscoUnified Communications Manager6.1(2)su1a*******
    2.3ApplicationCiscoUnified Communications Manager6.1(3)*******
    2.3ApplicationCiscoUnified Communications Manager6.1(3a)*******
    2.3ApplicationCiscoUnified Communications Manager6.1(3b)*******
    2.3ApplicationCiscoUnified Communications Manager6.1(3b)su1*******
    2.3ApplicationCiscoUnified Communications Manager6.1(4)*******
    2.3ApplicationCiscoUnified Communications Manager6.1(4)su1*******
    2.3ApplicationCiscoUnified Communications Manager6.1(4a)*******
    2.3ApplicationCiscoUnified Communications Manager6.1(4a)su2*******
    2.3ApplicationCiscoUnified Communications Manager6.1(5)*******
    2.3ApplicationCiscoUnified Communications Manager6.1(5)su1*******
    2.3ApplicationCiscoUnified Communications Manager6.1(5)su2*******
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationCiscoUnified Communications Manager7.0(1)su1*******
    2.3ApplicationCiscoUnified Communications Manager7.0(1)su1a*******
    2.3ApplicationCiscoUnified Communications Manager7.0(2)*******
    2.3ApplicationCiscoUnified Communications Manager7.0(2a)*******
    2.3ApplicationCiscoUnified Communications Manager7.0(2a)su1*******
    2.3ApplicationCiscoUnified Communications Manager7.0(2a)su2*******
    2.3ApplicationCiscoUnified Communications Manager7.1(2a)*******
    2.3ApplicationCiscoUnified Communications Manager7.1(2a)su1*******
    2.3ApplicationCiscoUnified Communications Manager7.1(2b)*******
    2.3ApplicationCiscoUnified Communications Manager7.1(2b)su1*******
    2.3ApplicationCiscoUnified Communications Manager7.1(3)*******
    2.3ApplicationCiscoUnified Communications Manager7.1(3a)*******
    2.3ApplicationCiscoUnified Communications Manager7.1(3a)su1*******
    2.3ApplicationCiscoUnified Communications Manager7.1(3a)su1a*******
    2.3ApplicationCiscoUnified Communications Manager7.1(3b)*******
    2.3ApplicationCiscoUnified Communications Manager7.1(3b)su1*******
    2.3ApplicationCiscoUnified Communications Manager7.1(3b)su2*******
    2.3ApplicationCiscoUnified Communications Manager7.1(5)*******
    2.3ApplicationCiscoUnified Communications Manager7.1(5)su1*******
    2.3ApplicationCiscoUnified Communications Manager7.1(5)su1a*******
    2.3ApplicationCiscoUnified Communications Manager7.1(5a)*******
    2.3ApplicationCiscoUnified Communications Manager7.1(5b)*******
    2.3ApplicationCiscoUnified Communications Manager7.1(5b)su2*******
    2.3ApplicationCiscoUnified Communications Manager7.1(5b)su3*******
  • OR - Configuration 3
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationCiscoUnified Communications Manager8.0*******
    2.3ApplicationCiscoUnified Communications Manager8.0(2c)*******
    2.3ApplicationCiscoUnified Communications Manager8.0(2c)su1*******
    2.3ApplicationCiscoUnified Communications Manager8.0(3)*******
    2.3ApplicationCiscoUnified Communications Manager8.0(3a)*******
    2.3ApplicationCiscoUnified Communications Manager8.0(3a)su1*******

Vulnerable Software List

VendorProductVersions
Cisco Unified Communications Manager 6.0, 6.1(1), 6.1(1a), 6.1(1b), 6.1(2), 6.1(2)su1, 6.1(2)su1a, 6.1(3), 6.1(3a), 6.1(3b), 6.1(3b)su1, 6.1(4), 6.1(4)su1, 6.1(4a), 6.1(4a)su2, 6.1(5), 6.1(5)su1, 6.1(5)su2, 7.0(1)su1, 7.0(1)su1a, 7.0(2), 7.0(2a), 7.0(2a)su1, 7.0(2a)su2, 7.1(2a), 7.1(2a)su1, 7.1(2b), 7.1(2b)su1, 7.1(3), 7.1(3a), 7.1(3a)su1, 7.1(3a)su1a, 7.1(3b), 7.1(3b)su1, 7.1(3b)su2, 7.1(5), 7.1(5)su1, 7.1(5)su1a, 7.1(5a), 7.1(5b), 7.1(5b)su2, 7.1(5b)su3, 8.0, 8.0(2c), 8.0(2c)su1, 8.0(3), 8.0(3a), 8.0(3a)su1

References

NameSourceURLTags
20110502 Re: ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerabilityhttp://archives.neohapsis.com/archives/fulldisclosure/2011-05/0051.htmlFULLDISC
44331http://secunia.com/advisories/44331SECUNIA
20110427 Multiple Vulnerabilities in Cisco Unified Communications Managerhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b79904.shtmlCISCOVendor Advisory
20110428 ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerabilityhttp://www.securityfocus.com/archive/1/517727/100/0/threadedBUGTRAQ
47607http://www.securityfocus.com/bid/47607BID
1025449http://www.securitytracker.com/id?1025449SECTRACK
ADV-2011-1122http://www.vupen.com/english/advisories/2011/1122VUPEN
http://zerodayinitiative.com/advisories/ZDI-11-143/http://zerodayinitiative.com/advisories/ZDI-11-143/MISC
ucm-sql-injection(67126)https://exchange.xforce.ibmcloud.com/vulnerabilities/67126XF