This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.
The remote host is affected by a SQL injection vulnerability.
According to its self-reported version, the remote Cisco Unified
Communications Manager (CUCM) device is affected by a SQL injection
vulnerability in 'BulkViewFileContentsAction.java'. An authenticated,
remote attacker can exploit this, by using a crafted 'filename'
parameter, to execute arbitrary SQL commands to access sensitive
See also :
Upgrade to the relevant fixed version referenced in Cisco bug ID
Risk factor :
Medium / CVSS Base Score : 4.0
CVSS Temporal Score : 3.5
Public Exploit Available : true