Cisco released security updates to address a High vulnerability in the Cisco Unified CM.  A remote attacker could exploit this vulnerability to read or modify any data on the underlying database or elevate their privileges.

For a complete description of the vulnerabilities and affected systems go to Cisco Unified Communications Manager SQL Injection Vulnerability.

IT Security

Read more about IT Security service offerings.