directory transversal


Vulnerabilities in Cisco’s Unified Communications Manager

Cisco published an advisory report yesterday detailing multiple vulnerabilities in there Unified Communications Manager.

There are three denial of service vulnerabilities that affect session initiation protocol services, two SQL injection vulnerabilities, and a directory transversal vulnerability.

These bugs affect versions 6-8 of Cisco’s Unified Communications Manager.

The DoS bugs are triggered by a malformed SIP message that could cause a critical process to fail, resulting in the failure of voice services.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.