Cisco Security Advisory - The Cisco Unified Communications Manager (previously known as Cisco CallManager) contains three denial of service, one directory traversal, and two remote SQL injection vulnerabilities. Cisco has released free software updates for affected Cisco Unified Communications Manager versions to address the vulnerabilities. A workaround exists only for the SIP DoS vulnerabilities.
5ae74f0b10827f96802e2977dc8fccc4979630a072e817f89575dcdb335060fa