SQL Injection Vulnerability in Cisco Unified Email Interaction Manager and Unified Web Interaction Manager
CVE-2015-0753

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Web And E-mail Interaction Manager
Vendor: CVE Published:; 29 May 2015

Summary

An SQL injection vulnerability exists in Cisco Unified Email Interaction Manager and Unified Web Interaction Manager, allowing remote attackers to execute arbitrary SQL commands through unspecified vectors. This flaw could lead to unauthorized access to database content, potentially compromising sensitive information and impacting the integrity of the affected systems.

References

http://www.securitytracker.com/id/1032422

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
May 29, 2015
Vulnerability Reserved
Jan 7, 2015