Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-12227

EPSS 0.18% · P38
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-12227

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the SQL database interface for Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a blind SQL injection attack. The vulnerability is due to a failure to validate user-supplied input used in SQL queries that bypass protection filters. An attacker could exploit this vulnerability by sending crafted URLs that include SQL statements. An exploit could allow the attacker to view or modify entries in some database tables, affecting the integrity of the data. Cisco Bug IDs: CSCvb58973.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco Emergency Responder SQL注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Emergency Responder(ER)是美国思科(Cisco)公司的一套IP通信系统中的应急呼叫软件。该软件提供实时定位跟踪数据库和呼叫者的位置等功能。 Cisco ER中的SQL database interface存在SQL注入漏洞,该漏洞源于程序没有验证SQL查询中用户提交的输入。远程攻击者可通过发送带有SQL语句的特制URL利用该漏洞查看或更改数据库表格,影响数据的完整性。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-Cisco Emergency Responder Cisco Emergency Responder -

II. Public POCs for CVE-2017-12227

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2017-12227

登录查看更多情报信息。

Same Patch Batch · n/a · 2017-09-07 · 77 CVEs total

CVE-2015-1590kamailio 安全漏洞
CVE-2017-9458Palo Alto Networks PAN-OS 安全漏洞
CVE-2015-3442Soreco Xpert.Line 安全漏洞
CVE-2015-3250Apache Directory LDAP API 信息泄露漏洞
CVE-2016-10405D-Link DIR-600L 安全漏洞
CVE-2017-9834WordPress WatuPRO插件SQL注入漏洞
CVE-2017-9779OCaml compiler 安全漏洞
CVE-2017-14147FiberHome User End Routers Bearing AN1020-25 安全漏洞
CVE-2017-12912MP3Gain 缓冲区错误漏洞
CVE-2017-12911MP3Gain 安全漏洞
CVE-2016-0732Pivotal Cloud Foundry和UAA 权限许可和访问控制问题漏洞
CVE-2017-1502IBM Content Navigator 跨站脚本漏洞
CVE-2017-14181mp4tools aacplusenc 安全漏洞
CVE-2017-1189IBM WebSphere Portal和Web Content Manager 跨站脚本漏洞
CVE-2017-1098IBM Emptoris Supplier Lifecycle Management 跨站脚本漏洞
CVE-2013-7428Joomla! Googlemaps插件安全漏洞
CVE-2017-14195dayrui FineCms 跨站脚本漏洞
CVE-2017-14194dayrui FineCms 跨站脚本漏洞
CVE-2017-14193dayrui FineCms 跨站脚本漏洞
CVE-2017-14192dayrui FineCms 跨站脚本漏洞

Showing top 20 of 77 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Cisco Emergency Responder
Same vendor: n/a
Same weakness: CWE-89

V. Comments for CVE-2017-12227

No comments yet

Leave a comment