ID de Prueba:	1.3.6.1.4.1.25623.1.0.107060
Categoría:	CISCO
Título:	Cisco Prime Infrastructure Database Interface SQL Injection Vulnerability
Resumen:	A vulnerability in the Cisco Prime Infrastructure SQL database interface;could allow an authenticated, remote attacker to impact system confidentiality.
Descripción:	Summary: A vulnerability in the Cisco Prime Infrastructure SQL database interface could allow an authenticated, remote attacker to impact system confidentiality. Vulnerability Insight: The vulnerability is due to lack of input validation on user-supplied input within SQL queries. Vulnerability Impact: An attacker could exploit this vulnerability by sending crafted URLs that contain malicious SQL statements to the affected system. An exploit could allow the attacker to determine the presence of certain values in the database. Repeated exploitation could result in a sustained denial of service (DoS) condition. Affected Software/OS: Cisco Prime Infrastructure 3.1.1 and previous versions Solution: See the referenced vendor advisory for a solution. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6443 BugTraq ID: 93522 http://www.securityfocus.com/bid/93522 http://www.securitytracker.com/id/1037006
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.