Lucene search

CiscoCVE-2015-0753

HistoryMay 29, 2015 - 3:59 p.m.

CVE-2015-0753

2015-05-2915:59:07

CWE-20

cisco

web.nvd.nist.gov

cve-2015-0753

sql injection

cisco

eim

wim

bug id cscuu30028

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

8.7

Confidence

Low

EPSS

0.002

Percentile

53.1%

JSON

SQL injection vulnerability in Cisco Unified Email Interaction Manager (EIM) and Unified Web Interaction Manager (WIM) 9.0(2) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu30028.

Affected configurations

Nvd

Node

ciscounified_web_and_e-mail_interaction_managerMatch9.0\(2\)

VendorProductVersionCPE
ciscounified_web_and_e-mail_interaction_manager9.0(2)cpe:2.3:a:cisco:unified_web_and_e-mail_interaction_manager:9.0\(2\):*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unified_web_and_e-mail_interaction_manager	9.0(2)	cpe:2.3:a:cisco:unified_web_and_e-mail_interaction_manager:9.0\(2\):::::::*

References

tools.cisco.com/security/center/viewAlert.x?alertId=39013

www.securitytracker.com/id/1032422

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

8.7

Confidence

Low

EPSS

0.002

Percentile

53.1%

JSON

Related for CVE-2015-0753