CVE-2010-0139

critical Cisco
CVSS v3 Base Score
9.0
AV:N/AC:L/Au:N/C:P/I:P/A:C
EPSS Score
0.6%
Exploitation probability in 30 days
Top 29% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
C
Published: January 28, 2010 (5949 days ago)
Last Modified: April 29, 2026
Vendor: Cisco
Source: NVD

Description

Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.2, and possibly 5 does not properly validate SQL commands, which allows remote attackers to create, modify, or delete data in a database via unspecified vectors, aka Bug ID CSCtc39691.

CWE

CWE-89

Affected Products

cisco unified meetingplace

References

🔗 www.cisco.com 🔗 www.securityfocus.com 🔗 www.cisco.com 🔗 www.securityfocus.com