CVE-2016-1437

Name of the Vulnerable Software and Affected Versions Cisco Prime Collaboration Deployment versions prior to 11.5.1

Description The issue allows remote authenticated users to execute arbitrary SQL commands via a crafted URL. This can be achieved by exploiting a SQL injection vulnerability in the SQL database.

Recommendations For versions prior to 11.5.1, update to version 11.5.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the SQL database to minimize the risk of exploitation.