Cisco has released security updates for a number of enterprise applications to address high-severity vulnerabilities that could result in privilege escalation, SQL injection, directory traversal, and denial-of-service (DoS).
The web management interface of Cisco Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME) is the most severely affected by these issues.
The bug, tracked as CVE-2023-20211 with a CVSS rating of 8.1, is described as improper validation of user-supplied input that could enable a remote, authenticated attacker to conduct a SQL injection attack.
Read More: Cisco Patches High-Severity Vulnerabilities in Enterprise Applications