Description
Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.2, and possibly 5 does not properly validate SQL commands, which allows remote attackers to create, modify, or delete data in a database via unspecified vectors, aka Bug ID CSCtc39691.
Affected products
- Cisco / unified_meetingplace5 – 5
- Cisco / unified_meetingplace5.0 – 5.0
- Cisco / unified_meetingplace6.0 – 6.0
- Cisco / unified_meetingplace6.0.170.0 – 6.0.170.0
- Cisco / unified_meetingplace6.0.244 – 6.0.244
- Cisco / unified_meetingplace7.0 – 7.0
- Cisco / unified_meetingplace7.0.1 – 7.0.1
- Cisco / unified_meetingplace7.0.2 – 7.0.2