CVE-2015-0699

SQL injection vulnerability in the Interactive Voice Response (IVR) component in Cisco Unified Communications Manager (UCM) 10.5(1.98991.13) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCut21563.

Published: Apr 15, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-0699
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
cisco / unified_communications_domain_manager	10.5(1.98991.13)	10.5(1.98991.13).x

http://tools.cisco.com/security/center/viewAlert.x?alertId=38366
http://www.securitytracker.com/id/1032134

Vulnerability Database

290,020

CVE-2015-0699