CVE-2014-3339

CVE Database · CVE-2014-3339

CVE-2014-3339

· N/AModified

CVSS v3.1

N/A

EPSS

1.54%

Published

Aug 12, 2014

Modified

May 6, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to unspecified pages, aka Bug ID CSCup74290.

Weaknesses (CWE)

CWE-89

Affected Products (2)

cisco · unified_communications_domain_managervulnerable

cisco · unified_presence_servervulnerable

References (6)

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3339

Vendor Advisory

http://www.securityfocus.com/bid/69200

https://exchange.xforce.ibmcloud.com/vulnerabilities/95250

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3339

Vendor Advisory

http://www.securityfocus.com/bid/69200

https://exchange.xforce.ibmcloud.com/vulnerabilities/95250

KEV Catalog EPSS Scores Vendors All CVEs