Rewterz Threat Advisory – CVE-2023-20057 – Cisco Email Security Appliance Vulnerability
January 19, 2023Rewterz Threat Advisory – Multiple Mozilla Firefox Vulnerabilities
January 19, 2023Rewterz Threat Advisory – CVE-2023-20057 – Cisco Email Security Appliance Vulnerability
January 19, 2023Rewterz Threat Advisory – Multiple Mozilla Firefox Vulnerabilities
January 19, 2023Severity
High
Analysis Summary
CVE-2023-20010
Cisco Unified Communications Manager is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to the system, which could allow the attacker to read or modify any data on the underlying database or elevate their privileges.
Impact
- Data Manipulation
Indicators Of Compromise
CVE
- CVE-2023-20010
Affected Vendors
Cisco
Affected Products
- Cisco Unified Communications Manager 11.5(1)
- Cisco Unified Communications Manager 12.5(1)
- Cisco Unified Communications Manager 14
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.