exploitDog

CVE-2015-6331

Опубликовано: 12 окт. 2015

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

SQL injection vulnerability in the web framework in Cisco Prime Collaboration Assurance 10.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCus39887.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-pca2
Vendor Advisory
http://www.securitytracker.com/id/1033782
Third Party Advisory
VDB Entry
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-pca2
Vendor Advisory
http://www.securitytracker.com/id/1033782
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:prime_collaboration_assurance:10.5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 52%

0.00287

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-gcfj-6rh4-4c47

github

больше 3 лет назад

SQL injection vulnerability in the web framework in Cisco Prime Collaboration Assurance 10.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCus39887.

EPSS

Процентиль: 52%

0.00287

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-89