CVE-2015-0717Improper Input Validation in Cisco Unified Communications Manager

CWE-20Improper Input ValidationCWE-2644 documents4 sources
Severity
6.9MEDIUMNVD
EPSS
0.1%
top 73.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Unified Communications Manager
Timeline
PublishedMay 16
Latest updateMay 17

Description

Cisco Unified Communications Manager 10.0(1.10000.12) allows local users to gain privileges via a command string in an unspecified parameter, aka Bug ID CSCut19546.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages1 packages

NVDcisco/unified_communications_manager10.0\(1.10000.12\)

🔴Vulnerability Details

2
GHSA
GHSA-2pg2-fqwq-2432: Cisco Unified Communications Manager 102022-05-17
CVEList
CVE-2015-0717: Cisco Unified Communications Manager 102015-05-16

📋Vendor Advisories

1
Cisco
Cisco Unified Communications Manager root Shell Access Local Privilege Escalation Vulnerability2015-05-08
CVE-2015-0717 — Improper Input Validation in Cisco | cvebase