Vulnerability Database

CVE-2007-4634

Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to execute arbitrary SQL commands via the lang variable to the (1) user or (2) admin logon page, aka CSCsi64265.

  • Published: Sep 1, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-4634
  • Severity: High

CVSS v2:

  • Severity: High
  • Score: 9.3
  • AV:N/AC:M/Au:N/C:C/I:C/A:C

| Software | From | Fixed in |
|---|---|---|
| cisco / call_manager | 4.2(2) | 4.2(2).x |
| cisco / unified_communications_manager | 3.3(5) | 3.3(5).x |
| cisco / call_manager | 3.3(5)sr2 | 3.3(5)sr2.x |
| cisco / call_manager | 4.3(1) | 4.3(1).x |
| cisco / unified_communications_manager | 4.1(3)sr1 | 4.1(3)sr1.x |
| cisco / call_manager | 4.1(3)sr1 | 4.1(3)sr1.x |
| cisco / call_manager | 4.1 | 4.1.x |
| cisco / call_manager | 3.3(5)sr2a | 3.3(5)sr2a.x |
| cisco / unified_communications_manager | 4.2.3sr1 | 4.2.3sr1.x |
| cisco / unified_communications_manager | 4.1(3)sr2 | 4.1(3)sr2.x |
| cisco / call_manager | 4.1(3)sr2 | 4.1(3)sr2.x |
| cisco / unified_communications_manager | 4.1(3) | 4.1(3).x |
| cisco / unified_communications_manager | 4.2 | 4.2.x |
| cisco / unified_communications_manager | 4.3 | 4.3.x |
| cisco / unified_communications_manager | 4.2.3 | 4.2.3.x |
| cisco / unified_communications_manager | 4.1(3)sr4 | 4.1(3)sr4.x |
| cisco / call_manager | 4.2 | 4.2.x |
| cisco / unified_communications_manager | 4.2.1 | 4.2.1.x |
| cisco / call_manager | 4.2(1) | 4.2(1).x |
| cisco / call_manager | 4.3 | 4.3.x |
| cisco / call_manager | 4.1(3)sr3 | 4.1(3)sr3.x |
| cisco / unified_communications_manager | 3.3(5)sr2a | 3.3(5)sr2a.x |
| cisco / call_manager | 4.2(3)sr1 | 4.2(3)sr1.x |
| cisco / unified_communications_manager | 4.2.2 | 4.2.2.x |
| cisco / unified_communications_manager | 4.3(1) | 4.3(1).x |
| cisco / unified_communications_manager | 4.1(3)sr3 | 4.1(3)sr3.x |
| cisco / call_manager | 4.2(3) | 4.2(3).x |
| cisco / unified_communications_manager | 3.3(5)sr1 | 3.3(5)sr1.x |
| cisco / call_manager | 4.2(3)sr2 | 4.2(3)sr2.x |
| cisco / call_manager | 4.1(3)sr4 | 4.1(3)sr4.x |
| cisco / call_manager | 3.3(5)sr1 | 3.3(5)sr1.x |