cvelist/2011/1xxx/CVE-2011-1609.json

{
    "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2011-1609",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "n/a",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "n/a"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "n/a"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "SQL injection vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtg85647."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "n/a"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "44331",
                "refsource": "SECUNIA",
                "url": "http://secunia.com/advisories/44331"
            },
            {
                "name": "20110502 Re: ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability",
                "refsource": "FULLDISC",
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0051.html"
            },
            {
                "name": "1025449",
                "refsource": "SECTRACK",
                "url": "http://www.securitytracker.com/id?1025449"
            },
            {
                "name": "ADV-2011-1122",
                "refsource": "VUPEN",
                "url": "http://www.vupen.com/english/advisories/2011/1122"
            },
            {
                "name": "cisco-ucm-sql-injection(67125)",
                "refsource": "XF",
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67125"
            },
            {
                "name": "20110427 Multiple Vulnerabilities in Cisco Unified Communications Manager",
                "refsource": "CISCO",
                "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b79904.shtml"
            },
            {
                "name": "47605",
                "refsource": "BID",
                "url": "http://www.securityfocus.com/bid/47605"
            }
        ]
    }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
"-Synchronized-Data." 2019-03-17 22:32:22 +00:00			`"CVE_data_meta": {`
			`"ASSIGNER": "psirt@cisco.com",`
			`"ID": "CVE-2011-1609",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "n/a",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "n/a"`
			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
"-Synchronized-Data." 2019-03-17 22:32:22 +00:00			`"lang": "eng",`
			`"value": "SQL injection vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtg85647."`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
"-Synchronized-Data." 2019-03-17 22:32:22 +00:00			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"name": "44331",`
			`"refsource": "SECUNIA",`
			`"url": "http://secunia.com/advisories/44331"`
			`},`
			`{`
			`"name": "20110502 Re: ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability",`
			`"refsource": "FULLDISC",`
			`"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0051.html"`
			`},`
			`{`
			`"name": "1025449",`
			`"refsource": "SECTRACK",`
			`"url": "http://www.securitytracker.com/id?1025449"`
			`},`
			`{`
			`"name": "ADV-2011-1122",`
			`"refsource": "VUPEN",`
			`"url": "http://www.vupen.com/english/advisories/2011/1122"`
			`},`
			`{`
			`"name": "cisco-ucm-sql-injection(67125)",`
			`"refsource": "XF",`
			`"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67125"`
			`},`
			`{`
			`"name": "20110427 Multiple Vulnerabilities in Cisco Unified Communications Manager",`
			`"refsource": "CISCO",`
			`"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b79904.shtml"`
			`},`
			`{`
			`"name": "47605",`
			`"refsource": "BID",`
			`"url": "http://www.securityfocus.com/bid/47605"`
			`}`
			`]`
			`}`
			`}`