Cisco Patches High-Severity Vulnerabilities in Enterprise Applications

In order to address high-severity vulnerabilities that might result in privilege escalation, SQL injection, directory traversal, and denial-of-service (DoS), Cisco on Wednesday released security patches for a number of enterprise apps. The web administration interface of Cisco Unified Communications Manager (Unified CM) and Unified Communications Manager Session administration Edition (Unified CM SME) is the most severely affected by these issues.

The problem, which has the tracking number CVE-2023-20211 and a CVSS rating of 8.1, is defined as an incorrect validation of user-supplied input that could enable a remote, authorized attacker to conduct a SQL injection attack. “By logging into the application as a user with read-only or higher rights and submitting specially crafted HTTP requests to a vulnerable system, an attacker might take advantage of this vulnerability. If the exploit is effective, the attacker may be able to read or alter data in the.

Cisco Patches High-Severity Vulnerabilities in Enterprise Applications

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Cisco Patches High-Severity Vulnerabilities in Enterprise Applications

17-Aug-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address