Vulnerability Details CVE-2015-4206
Cisco Unified Communications Manager (UCM) 8.0 through 8.6 allows remote attackers to bypass an XSS protection mechanism via a crafted parameter, aka Bug ID CSCuu15266.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.0%
CVSS Severity
CVSS v2 Score 4.3
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151214-ucm
- http://www.securityfocus.com/bid/79196
- http://www.securitytracker.com/id/1034430
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151214-ucm
- http://www.securityfocus.com/bid/79196
- http://www.securitytracker.com/id/1034430
Products affected by CVE-2015-4206
-
cpe:2.3:a:cisco:unified_communications_manager:8.0(2c)
-
cpe:2.3:a:cisco:unified_communications_manager:8.0(3)
-
cpe:2.3:a:cisco:unified_communications_manager:8.0_base
-
cpe:2.3:a:cisco:unified_communications_manager:8.5.1
-
cpe:2.3:a:cisco:unified_communications_manager:8.5_base
-
cpe:2.3:a:cisco:unified_communications_manager:8.6.1
-
cpe:2.3:a:cisco:unified_communications_manager:8.6.2
-
cpe:2.3:a:cisco:unified_communications_manager:8.6_base