cvelistv5 - cve-2011-1610

CVE-2011-1610 (GCVE-0-2011-1610)

Vulnerability from cvelistv5

Published

2011-05-03 22:00

Modified

2024-08-06 22:37

Severity ?

CWE

Summary

Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5)su4, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1)su1 allow remote attackers to execute arbitrary SQL commands via the (1) f, (2) l, or (3) n parameter, aka Bug ID CSCtj42064.

References

URL

Tags

	http://zerodayinitiative.com/advisories/ZDI-11-143/	x_refsource_MISC
	http://secunia.com/advisories/44331	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/517727/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0051.html	mailing-list, x_refsource_FULLDISC
	http://www.securitytracker.com/id?1025449	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2011/1122	vdb-entry, x_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/67126	vdb-entry, x_refsource_XF
	http://www.cisco.com/en/US/products/products_security_advisory09186a0080b79904.shtml	vendor-advisory, x_refsource_CISCO
	http://www.securityfocus.com/bid/47607	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:37:24.121Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://zerodayinitiative.com/advisories/ZDI-11-143/"
          },
          {
            "name": "44331",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44331"
          },
          {
            "name": "20110428 ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/517727/100/0/threaded"
          },
          {
            "name": "20110502 Re: ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0051.html"
          },
          {
            "name": "1025449",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1025449"
          },
          {
            "name": "ADV-2011-1122",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/1122"
          },
          {
            "name": "ucm-sql-injection(67126)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67126"
          },
          {
            "name": "20110427 Multiple Vulnerabilities in Cisco Unified Communications Manager",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b79904.shtml"
          },
          {
            "name": "47607",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/47607"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-04-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5)su4, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1)su1 allow remote attackers to execute arbitrary SQL commands via the (1) f, (2) l, or (3) n parameter, aka Bug ID CSCtj42064."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://zerodayinitiative.com/advisories/ZDI-11-143/"
        },
        {
          "name": "44331",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44331"
        },
        {
          "name": "20110428 ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/517727/100/0/threaded"
        },
        {
          "name": "20110502 Re: ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0051.html"
        },
        {
          "name": "1025449",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1025449"
        },
        {
          "name": "ADV-2011-1122",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/1122"
        },
        {
          "name": "ucm-sql-injection(67126)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67126"
        },
        {
          "name": "20110427 Multiple Vulnerabilities in Cisco Unified Communications Manager",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b79904.shtml"
        },
        {
          "name": "47607",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/47607"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2011-1610",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5)su4, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1)su1 allow remote attackers to execute arbitrary SQL commands via the (1) f, (2) l, or (3) n parameter, aka Bug ID CSCtj42064."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://zerodayinitiative.com/advisories/ZDI-11-143/",
              "refsource": "MISC",
              "url": "http://zerodayinitiative.com/advisories/ZDI-11-143/"
            },
            {
              "name": "44331",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44331"
            },
            {
              "name": "20110428 ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/517727/100/0/threaded"
            },
            {
              "name": "20110502 Re: ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability",
              "refsource": "FULLDISC",
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0051.html"
            },
            {
              "name": "1025449",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1025449"
            },
            {
              "name": "ADV-2011-1122",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/1122"
            },
            {
              "name": "ucm-sql-injection(67126)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67126"
            },
            {
              "name": "20110427 Multiple Vulnerabilities in Cisco Unified Communications Manager",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b79904.shtml"
            },
            {
              "name": "47607",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/47607"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2011-1610",
    "datePublished": "2011-05-03T22:00:00.000Z",
    "dateReserved": "2011-04-05T00:00:00.000Z",
    "dateUpdated": "2024-08-06T22:37:24.121Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2011-AVI-263

Vulnerability from certfr_avis

De multiples vulnérabilités dans Cisco Unified Communications Manager permettent des injections SQL, des dénis de service à distance ou le dépôt d'un fichier.

Description

De multiples vulnérabilités ont été découvertes dans Cisco Unified Communications Manager :

trois failles liées au traitement des messages SIP permettent de réaliser un déni de service à distance (CVE-2011-1604, CVE-2011-1605 et CVE-2011-1606) ;
un utilisateur authentifié qui parvient à intercepter le trafic réseau peut déposer un fichier malveillant sur le système (CVE-2011-1607) ;
des injections SQL sont possibles, ce qui permet la modification de la configuration du système, ainsi que l'ajout ou la suppression d'utilisateurs. L'une de ces deux vulnérabilités nécessite une authentification préalable (CVE-2011-1609 et CVE-2011-1610).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Cisco Unified Communications Manager versions 6.x, 7.x et 8.x.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted