CVE-2015-6331 β€” SQL Injection in Cisco Prime Collaboration Assurance

CWE-89 β€” SQL Injection4 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
0.3%
top 47.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Prime Collaboration Assurance
Timeline
PublishedOct 12
Latest updateMay 17

Description

SQL injection vulnerability in the web framework in Cisco Prime Collaboration Assurance 10.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCus39887.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages1 packages

πŸ”΄Vulnerability Details

2
GHSA
GHSA-gcfj-6rh4-4c47: SQL injection vulnerability in the web framework in Cisco Prime Collaboration Assurance 10β†—2022-05-17
β–Ά
CVEList
CVE-2015-6331: SQL injection vulnerability in the web framework in Cisco Prime Collaboration Assurance 10β†—2015-10-12
β–Ά

πŸ“‹Vendor Advisories

1
Cisco
Cisco Prime Collaboration Assurance SQL Injection Vulnerability↗2015-10-08
β–Ά
CVE-2015-6331 β€” SQL Injection in Cisco | cvebase