CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-6433

SQL injection vulnerability in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCut66767.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.8%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160105-cucm
http://www.securitytracker.com/id/1034583
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160105-cucm
http://www.securitytracker.com/id/1034583

Products affected by CVE-2015-6433

Cisco » Unified Communications Manager » Version: 11.0(0.98000.225)

cpe:2.3:a:cisco:unified_communications_manager:11.0(0.98000.225)

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6433

Products

Pricing

Contact Us