CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-0702

Unrestricted file upload vulnerability in the Custom Prompts upload implementation in Cisco Unified MeetingPlace 8.6(1.9) allows remote authenticated users to execute arbitrary code by using the languageShortName parameter to upload a file that provides shell access, aka Bug ID CSCus95712.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 75.0%

CVSS Severity

CVSS v2 Score 9.0

References

http://tools.cisco.com/security/center/viewAlert.x?alertId=38455
http://www.securitytracker.com/id/1032165
http://tools.cisco.com/security/center/viewAlert.x?alertId=38455
http://www.securitytracker.com/id/1032165

Products affected by CVE-2015-0702

Cisco » Unified Meetingplace » Version: 8.6(1.9)

cpe:2.3:a:cisco:unified_meetingplace:8.6(1.9)

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-0702

Products

Pricing

Contact Us