VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 14, 2008· Updated Apr 23, 2026

CVE-2008-0026

CVE-2008-0026

Description

SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages.

Affected products

20
  • Cisco Systems, Inc./Unified Callmanager9 versions
    cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_callmanager:5.0\(1\):*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_callmanager:5.0\(2\):*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_callmanager:5.0\(3\):*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_callmanager:5.0\(3a\):*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_callmanager:5.0\(4\):*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_callmanager:5.0_4a:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_callmanager:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_callmanager:6.0:*:*:*:*:*:*:*
  • Cisco Systems, Inc./Unified Communications Manager11 versions
    cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_communications_manager:5.0_1:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_communications_manager:5.0_2:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_communications_manager:5.0_3:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_communications_manager:5.0_3a:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_communications_manager:5.0_4:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_communications_manager:5.0_4a:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_communications_manager:5.0_4a_su1:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_communications_manager:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_communications_manager:6.0_1:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:unified_communications_manager:6.1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

News mentions

0

No linked articles in our index yet.