CVE-2015-0683

CWE-200 — Information Exposure5 documents5 sources

Severity

4.0MEDIUM

EPSS

0.2%

top 60.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Unified Communications Domain Manager

Timeline

PublishedApr 3

Latest updateMay 17

Description

Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to obtain sensitive information via a file-inclusion attack, aka Bug ID CSCup94744.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/unified_communications_domain_manager8.1\(.4\)

🔴Vulnerability Details

GHSA

GHSA-qq29-47mc-xxjq: Cisco Unified Communications Domain Manager 8↗2022-05-17

▶

CVEList

CVE-2015-0683: Cisco Unified Communications Domain Manager 8↗2015-04-03

▶

💥Exploits & PoCs

Exploit-DB

Cisco RV110W - Password Disclosure / Command Execution↗2018-12-14

▶

📋Vendor Advisories

Cisco

Cisco Unified Communications Domain Manager Application Software Information Disclosure Vulnerability↗2015-03-31

▶