SQL Injection Vulnerability in Cisco Prime Collaboration Assurance
CVE-2015-6331

Currently unrated

Key Information:

Vendor: Cisco
Status: Prime Collaboration Assurance
Vendor: CVE Published:; 12 October 2015

Summary

A vulnerability exists within the web framework of Cisco Prime Collaboration Assurance that permits remote authenticated users to execute arbitrary SQL commands. This issue can be exploited through unspecified vectors, potentially allowing attackers to manipulate the database and access sensitive information. Organizations using affected versions of the product should review the implications of this vulnerability and ensure proper security measures are in place to mitigate potential risks.

References

http://www.securitytracker.com/id/1033782

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Oct 12, 2015
Vulnerability Reserved
Aug 17, 2015