Lucene search

[email protected]NVD:CVE-2015-0715

HistoryMay 07, 2015 - 1:59 a.m.

CVE-2015-0715

2015-05-0701:59:03

CWE-89

[email protected]

web.nvd.nist.gov

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.9

Confidence

Low

EPSS

0.001

Percentile

41.4%

JSON

SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCut33447 and CSCut33608.

Affected configurations

Nvd

Node

ciscounity_connectionMatch11.0\(0.98000.225\)

VendorProductVersionCPE
ciscounity_connection11.0(0.98000.225)cpe:2.3:a:cisco:unity_connection:11.0\(0.98000.225\):*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unity_connection	11.0(0.98000.225)	cpe:2.3:a:cisco:unity_connection:11.0\(0.98000.225\):::::::*

References

tools.cisco.com/security/center/viewAlert.x?alertId=38674

www.securitytracker.com/id/1032260

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.9

Confidence

Low

EPSS

0.001

Percentile

41.4%

JSON

Related for NVD:CVE-2015-0715

nessus1 prion1 cvelist1 cisco1 cve1