CVE-2015-0682

CWE-2644 documents4 sources

Severity

6.5MEDIUM

EPSS

1.2%

top 20.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Unified Communications Domain Manager

Timeline

PublishedApr 3

Latest updateMay 17

Description

Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to execute arbitrary code by visiting a "deprecated page," aka Bug ID CSCup90168.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages1 packages

▶NVDcisco/unified_communications_domain_manager8.1\(.4\)

🔴Vulnerability Details

GHSA

GHSA-4mqh-2fw5-cwj5: Cisco Unified Communications Domain Manager 8↗2022-05-17

▶

CVEList

CVE-2015-0682: Cisco Unified Communications Domain Manager 8↗2015-04-03

▶

📋Vendor Advisories

Cisco

Cisco Unified Communications Domain Manager Application Software Remote Code Execution Vulnerability↗2015-03-31

▶