cbcvebase.
CVE-2015-6299
published 2015-09-20

CVE-2015-6299: SQL injection vulnerability in the web interface in Cisco Unity Connection 9.1(1.2) and earlier allows remote authenticated users to execute arbitrary SQL…

medium6.5CVSS 3.1
AVNACLAuSCPIPAP
SQL injection vulnerability in the web interface in Cisco Unity Connection 9.1(1.2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted POST request, aka Bug ID CSCuv63824.

Affected

2 ranges
VendorProductVersion rangeFixed in
ciscounity_connection
ciscounity_connection