CVE-2019-12710

A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an authenticated, remote attacker to impact the confidentiality of an affected system by executing arbitrary SQL queries. The vulnerability exists because the affected software improperly validates user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted requests that contain malicious SQL statements to the affected application. A successful exploit could allow the attacker to determine the presence of certain values in the database, impacting the confidentiality of the system.

CVSS v3 4.9 MEDIUM
CVSS v2.0 4.0 MEDIUM

4.9^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-cuc-inject	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:unified_communications_manager:10.5\(2.10000.5\):::::::*
	cpe:2.3:a:cisco:unified_communications_manager:11.5\(1.10000.6\):::::::*
	cpe:2.3:a:cisco:unified_communications_manager:12.0\(1.10000.10\):::::::*
	cpe:2.3:a:cisco:unified_communications_manager:12.5\(1.10000.22\):::::::*

History

No history.

Information

Published : 2019-10-02 19:15

Updated : 2023-12-10 13:13

NVD link : CVE-2019-12710

Mitre link : CVE-2019-12710

CVE.ORG link : CVE-2019-12710

JSON object : View

Products Affected

cisco

unified_communications_manager

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

{"id": "CVE-2019-12710", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}]}, "published": "2019-10-02T19:15:14.093", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-cuc-inject", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an authenticated, remote attacker to impact the confidentiality of an affected system by executing arbitrary SQL queries. The vulnerability exists because the affected software improperly validates user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted requests that contain malicious SQL statements to the affected application. A successful exploit could allow the attacker to determine the presence of certain values in the database, impacting the confidentiality of the system."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz basada en web de Cisco Unified Communications Manager y Cisco Unified Communications Manager Session Management Edition (SME), podr\u00eda permitir a un atacante remoto autenticado afectar la confidencialidad de un sistema afectado mediante la ejecuci\u00f3n de consultas SQL arbitrarias. La vulnerabilidad se presenta porque el software afectado comprueba inapropiadamente la entrada suministrada por el usuario en consultas SQL. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de peticiones dise\u00f1adas que contienen sentencias SQL maliciosas hacia la aplicaci\u00f3n afectada. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante determinar la presencia de ciertos valores en la base de datos, lo que afectar\u00eda la confidencialidad del sistema."}], "lastModified": "2019-10-09T23:46:09.403", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2.10000.5\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "520555C7-5E9B-4C76-AAB5-5DD8B29D18F0"}, {"criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.10000.6\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21BFC3A9-B6B1-49EE-A93A-6432BFE33E84"}, {"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.0\\(1.10000.10\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BA185BB-D78F-4F4E-B248-9AF550F0C4E0"}, {"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1.10000.22\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEEEA592-F8A1-41F2-B152-87F0A9B6087E"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}