CVE-2015-0699

CWE-89 ā€” SQL Injection4 documents4 sources
Severity
5.0MEDIUM
EPSS
0.2%
top 53.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Unified Communications Domain Manager
Timeline
PublishedApr 15
Latest updateMay 17

Description

SQL injection vulnerability in the Interactive Voice Response (IVR) component in Cisco Unified Communications Manager (UCM) 10.5(1.98991.13) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCut21563.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

šŸ”“Vulnerability Details

2
GHSA
GHSA-f6m8-h84x-xg8h: SQL injection vulnerability in the Interactive Voice Response (IVR) component in Cisco Unified Communications Manager (UCM) 10ā†—2022-05-17
ā–¶
CVEList
CVE-2015-0699: SQL injection vulnerability in the Interactive Voice Response (IVR) component in Cisco Unified Communications Manager (UCM) 10ā†—2015-04-15
ā–¶

šŸ“‹Vendor Advisories

1
Cisco
Cisco Unified Communications Manager Interactive Voice Response Interface SQL Injection Vulnerabilityā†—2015-04-14
ā–¶
CVE-2015-0699 (MEDIUM CVSS 5) | SQL injection vulnerability in the | cvebase.io