CVE-2015-4233SQL Injection in Cisco Unified Meetingplace

CWE-89SQL Injection4 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
0.5%
top 34.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Unified Meetingplace
Timeline
PublishedJul 2
Latest updateMay 17

Description

SQL injection vulnerability in Cisco Unified MeetingPlace 8.6(1.2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu54037.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-2fg8-h8hj-9h3c: SQL injection vulnerability in Cisco Unified MeetingPlace 82022-05-17
CVEList
CVE-2015-4233: SQL injection vulnerability in Cisco Unified MeetingPlace 82015-07-02

📋Vendor Advisories

1
Cisco
Cisco Unified MeetingPlace SQL Injection Vulnerability2015-06-30
CVE-2015-4233 — SQL Injection in Cisco | cvebase